Hello. Since I am running synology and the 80 and 443 ports are already taken I created a macvlan network.
Docker file
version: '3'
services:
traefik:
container_name: traefik
image: traefik:latest
ports:
- 80:80
- 443:443
# - 8383:8080 # Dashboard port
volumes:
# - /var/run/docker.sock:/var/run/docker.sock:ro
- /volume1/docker/security/traefik/:/etc/traefik/
# networks:
# - proxy # rename this to your custom docker network
networks:
macvlan_nas:
ipv4_address: 192.168.1.6
lan-traefik:
labels:
traefik.http.routers.api.rule: Host(`traefik.xx.duckdns.org`) # Define the subdomain for the traefik dashboard.
traefik.http.routers.api.entryPoints: https # Set the Traefik entry point.
traefik.http.routers.api.service: api@internal # Enable Traefik API.
traefik.http.services.dummy.loadBalancer.server.port: 65535
traefik.enable: true # Enable Traefik reverse proxy for the Traefik dashboard.
environment:
DOCKER_HOST: dockersocket
DUCKDNS_TOKEN: a3f9907c-043b-4850-b8b2-5af701f52ab6
restart: unless-stopped
depends_on:
- dockersocket
dockersocket:
container_name: dockersocket
image: tecnativa/docker-socket-proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
macvlan_nas:
ipv4_address: 192.168.1.8
lan-traefik:
ports:
- "2375:2375"
environment:
CONTAINERS: 1
POST: 0
privileged: true
restart: unless-stopped
networks:
macvlan_nas:
external: true
lan-traefik:
driver: bridge
external: true
I added another container to be able to communicate to traefik:
version: '3.8'
services:
pingvin-share:
image: stonith404/pingvin-share
restart: unless-stopped
ports:
- 3001:3000
networks:
- lan-traefik
volumes:
- "/volume1/docker/pingvin:/opt/app/backend/data"
- "/volume1/docker/pingvin/images:/opt/app/frontend/public/img"
labels:
traefik.enable: true
traefik.http.routers.files.entryPoints: https
traefik.http.routers.app.rule: Host(`xx.xx.duckdns.org`)
# Optional: If you add ClamAV, uncomment the following to have ClamAV start first.
depends_on:
clamav:
condition: service_healthy
# Optional: Add ClamAV (see README.md)
# ClamAV is currently only available for AMD64 see https://github.com/Cisco-Talos/clamav/issues/482
clamav:
restart: unless-stopped
image: clamav/clamav
networks:
- lan-traefik
networks:
lan-traefik:
driver: bridge
external: true
Now my issues:
SSL appears as xx.duckdns instead of xx.xx.duckdns org, or ex traefik.xx.duckdns.org
I think this is why my kuma monitoring is failing:
write EPROTO C01724A5DC7F0000:error:0A000458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1586:SSL alert number 112
traefik dashboard is available over internet...this should not be the case... << this one is now solved
Any ideas?
Thanks!