alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 4 Actions Activity
Files
025080e0d8d53d473560fc08a8f274e3dd1f08d3
infrastructure/hosts/ps10rp/traefik/compose.yaml
Renovate Bot d299f663f9
All checks were successful
lint-test-docker / docker-lint (pull_request) Successful in 13s
Details
lint-test-docker / docker-lint (push) Successful in 20s
Details
renovate / renovate (push) Successful in 2m46s
Details
Update ghcr.io/tailscale/tailscale Docker tag to v1.86.5
2025-08-22 19:01:25 +00:00

89 lines
3.5 KiB
YAML
Raw Blame History

---
services:
tailscale-traefik:
image: ghcr.io/tailscale/tailscale:v1.86.5
container_name: tailscale-traefik
cap_add:
- net_admin
- sys_module
environment:
- TS_STATE_DIR=/var/lib/tailscale
- TS_ENABLE_METRICS=true
- TS_HOSTNAME=traefik-ps10rp
# - TS_SERVE_CONFIG=/config/serve.json
network_mode: service:traefik
restart: always
volumes:
- tailscale:/var/lib/tailscale
- ${PWD}/serve.json:/config/serve.json
devices:
- /dev/net/tun:/dev/net/tun
traefik:
image: ghcr.io/traefik/traefik:v3.5.0
container_name: traefik
command:
- "--global.checkNewVersion=false"
- "--global.sendAnonymousUsage=false"
- "--api=true"
- "--api.insecure=false"
- "--api.dashboard=true"
- "--log.level=INFO"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entryPoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=web-secure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entryPoints.web-secure.address=:443"
- "--entryPoints.web-secure.http.tls.options=default"
- "--entryPoints.web-secure.http.tls.certResolver=cloudflare"
- "--entryPoints.web-secure.http.tls.domains[0].main=*.lebens-home.net"
- "--entryPoints.web-secure.http.tls.domains[0].sans[0]=lebens-home.net"
- "--entryPoints.traefik.address=:8080"
- "--entryPoints.metrics.address=:9100"
- "--certificatesresolvers.cloudflare.acme.dnschallenge=true"
- "--certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare"
- "--certificatesresolvers.cloudflare.acme.dnschallenge.delaybeforecheck=10"
- "--certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1:53"
- "--certificatesresolvers.cloudflare.acme.email=alexanderlebens@gmail.com"
- "--certificatesresolvers.cloudflare.acme.storage=acme.json"
- "--metrics.prometheus=true"
- "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
- "--metrics.prometheus.addEntryPointsLabels=true"
- "--metrics.prometheus.addRoutersLabels=true"
- "--metrics.prometheus.addServicesLabels=true"
- "--metrics.prometheus.entryPoint=metrics"
- "--metrics.prometheus.manualRouting=true"
env_file:
- .env
environment:
- PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
labels:
traefik.enable: true
traefik.docker.network: internal
traefik.http.routers.dashboard.entrypoints: web-secure
traefik.http.routers.dashboard.rule: (Host(`traefik-ps10rp.lebens-home.net`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard/`)))
traefik.http.routers.dashboard.service: api@internal
networks:
internal: null
ports:
- 0.0.0.0:80:80
- 0.0.0.0:443:443
privileged: true
restart: always
volumes:
- letsencrypt:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
internal:
name: internal
driver: bridge
ipam:
config:
- subnet: 172.24.0.0/16
volumes:
tailscale:
letsencrypt:
Reference in New Issue View Git Blame Copy Permalink