traefik

[agustin9014]

Hello, good day, I put labels for the Trafik load balance and it doesn't work. port 80

[Brawn1]

Hi,

in my setup i use traefik 2.9 separated in a extra compose file.

docker-compose with Gitlab, Database, Redis, Registry.

the switch from http to https runs automatically, with the entrypoint=websecure option.

version: '3'

services:
  redis:
    restart: always
    image: redis:7-bullseye
    volumes:
      - redis_data:/data
    networks:
      - backend
    command:
      - --loglevel warning

  postgres:
    restart: always
    image: postgres:15
    volumes:
      - pgdata15:/var/lib/postgresql/data
    env_file:
      - gitlab.env
    environment:
      - DB_EXTENSION=pg_trgm
    networks:
      - backend

  gitlab:
    restart: always
    image: sameersbn/gitlab:17.1.2
    depends_on:
      - redis
      - postgres
    ports:
      - "22:22"
    volumes:
      - /var/docker_volume/gitlab/gitlab_data:/home/git/data:Z
      - /var/docker_volume/gitlab/certs:/certs:Z
    env_file:
      - gitlab.env
    networks:
      - backend
      - traefik-proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitlab.rule=Host(`gitlab.example.com`) || Host(`git.example.org`)"
      - "traefik.http.routers.gitlab.entrypoints=websecure"
      - "traefik.http.routers.gitlab.tls.certresolver=letsencryptresolver"
      - "traefik.http.services.gitlab.loadbalancer.server.port=80"

  registry:
    restart: always
    image: registry:latest
    depends_on:
      - gitlab
    env_file:
      - gitlab.env
    environment:
      - REGISTRY_HTTP_ADDR=0.0.0.0:5000
      - REGISTRY_AUTH_TOKEN_REALM=https://gitlab.example.com/jwt/auth
      - REGISTRY_AUTH_TOKEN_SERVICE=container_registry
      - REGISTRY_AUTH_TOKEN_ISSUER=gitlab-issuer
      - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/registry.crt
      - REGISTRY_STORAGE_DELETE_ENABLED=true
    volumes:
      - /var/docker_volume/gitlab/certs:/certs
      - /var/docker_volume/gitlab/registry_data:/var/lib/registry:rw
    networks:
      - backend
      - traefik-proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.registry.rule=Host(`registry.example.com`) || Host(`registry.example.de`)"
      - "traefik.http.routers.registry.entrypoints=websecure"
      - "traefik.http.routers.registry.tls.certresolver=letsencryptresolver"
      - "traefik.http.services.registry.loadbalancer.server.port=5000"

networks:
  backend:
  traefik-proxy:
    external: true

volumes:
  pgdata15:
  redis_data:

docker-compose with Traefik Container and extra external network.

version: '3'

services:
  traefik:
    restart: always
    image: traefik:v2.9
    command:
      - "--providers.docker.endpoint=unix:///var/run/docker.sock"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=traefik-proxy"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.letsencryptresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.letsencryptresolver.acme.email=webmaster@example.com"
      - "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - traefik-certificates:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - traefik-proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"

volumes:
  traefik-certificates:

networks:
  traefik-proxy:
    external: true

i hope it helps.

[agustin9014]

fixed! thx very good!!