From 9573dc6261a7420cee76d884ac5813b878e27346 Mon Sep 17 00:00:00 2001
From: Czechman <matthias@czechman.de>
Date: Wed, 21 Dec 2022 15:09:02 +0100
Subject: [PATCH] angepasst an greenitsolution tutorial

---
 config/traefik.toml | 48 ++++++++++++++++++++-------------
 docker-compose.yaml | 66 ++++++++++++++++++++++++++++++---------------
 2 files changed, 74 insertions(+), 40 deletions(-)

diff --git a/config/traefik.toml b/config/traefik.toml
index 3f7cd38..8869333 100644
--- a/config/traefik.toml
+++ b/config/traefik.toml
@@ -1,31 +1,41 @@
-[log]
-  level = "DEBUG"
-
-[providers]
-  [providers.docker]
-    exposedByDefault = false
-    endpoint = "unix:///var/run/docker.sock"
-    network = "traefik_proxy"
-  [providers.file]
-    filename = "/etc/traefik/dynamic.yml"
-    
-[api]
-  insecure = true
-  dashboard = true
+# angepasst an https://greenitsolutions.at/traefik-docker-lets-encrypt-tutorial/
+[global]
+  checkNewVersion = true
+  sendAnonymousUsage = false
 
 # https://doc.traefik.io/traefik/routing/entrypoints/#redirection
 [entryPoints.web]
   address = ":80"
 
-  [entryPoints.web.http]
-    [entryPoints.web.http.redirections]
-      [entryPoints.web.http.redirections.entryPoint]
-        to = "websecure"
-        scheme = "https"
+#  [entryPoints.web.http]
+#    [entryPoints.web.http.redirections]
+#      [entryPoints.web.http.redirections.entryPoint]
+#        to = "websecure"
+#        scheme = "https"
 
 [entryPoints.websecure]
   address = ":443"
 
+[log]
+  level = "DEBUG"
+
+
+[api]
+#  insecure = true
+#  dashboard = true
+
+[ping]
+
+
+[providers.docker]
+#  exposedByDefault = false
+#    endpoint = "unix:///var/run/docker.sock"
+#    network = "traefik_proxy"
+#[providers.file]
+#  filename = "/etc/traefik/dynamic.yml"
+    
+
+
 #[certificatesResolvers]
 #  [certificatesResolvers.default.acme]
 #    email = "ddns@mcseeno.de" #Email Adresse hier anpassen
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 4cd7427..09749f1 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -3,35 +3,59 @@ version: '3.7'
 
 services:
   traefik:
-    image: traefik:v2.9
-    container_name: traefik
+    image: "traefik:v2.9"
+    container_name: "traefik"
+    command:
+      - "--api=true"
+      - "--api.dashboard=true"
+      - "--log.level=DEBUG"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--providers.docker.network=traefik_proxy"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.websecure.address=:443"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
+# für Testzwecke geeignet, da Let's Encrypt "rate limiting" einsetzt
+      - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+      - "--certificatesresolvers.myresolver.acme.email=ddns@mcseeno.de"
+      - "--certificatesresolvers.myresolver.acme.storage=/etc/traefik/ACME/acme.json"
     volumes:
-      - /etc/localtime:/etc/localtime:ro
-      - /etc/timezone:/etc/timezone:ro
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-      - /docker/traefik_v2x/config:/etc/traefik
-    labels:
-      - "traefik.enable=false"
-#      - "traefik.loadbalancer.server.port=8080"
-#      - "traefik.http.routers.traefik.rule=Host(`tr43f1k.czechman.dynvpn.de`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
-#      - "traefik.http.routers.traefik.tls.certresolver=default"
-#      - "traefik.http.routers.traefik.entrypoints=websecure"
-#      - "traefik.http.routers.traefik.entrypoints=web"
-#      - "traefik.http.routers.traefik.service=dasboard@internal"
-#      - "traefik.http.routers.traefik.middlewares=auth@docker"
-#      - "traefik.http.middlewares.api-auth.basicauth.users=McSeeno:$$2y$$13$$maYBYazCRDGmcKdSy/QA0eWBUEIpobxcUy.z68fnifcpoCqWm18wW,gast:$$apr1$$cGUjveuw$$jbRcmTDOfAsqcc9FfsNvG0" # Siehe Anleitung
-    networks:
-      - traefik_proxy
-      - default
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/etc/timezone:/etc/timezone:ro"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "/docker/traefik_v2x/config:/etc/traefik"
     ports:
       - "80:80"
       - "443:443"
       - "8888:8080"
     restart: always
+    labels:
+      - "traefik.enable=false"
+#      - "traefik.loadbalancer.server.port=8080"
+      - "traefik.http.routers.traefik_api.rule=Host(`tr43f1k.czechman.dynvpn.de`)"
+      - "traefik.http.routers.traefik_api.service=api@internal"
+      - "traefik.http.routers.traefik_api.middlewares=auth"
+      - "traefik.http.routers.traefik_api.entrypoints=websecure"
+      - "traefik.http.routers.traefik_api.tls.certresolver=myresolver"
+#      - "traefik.http.routers.traefik.entrypoints=web"
+#      - "traefik.http.middlewares.api-auth.basicauth.users=McSeeno:$$2y$$13$$maYBYazCRDGmcKdSy/QA0eWBUEIpobxcUy.z68fnifcpoCqWm18wW,gast:$$apr1$$cGUjveuw$$jbRcmTDOfAsqcc9FfsNvG0" # Siehe Anleitung
+    networks:
+      - traefik_proxy
+#      - default
+
+  whoami:
+    image: "containous/whoami"
+    container_name: "simple-service"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami.rule=Host(`wai.czechman.dynvpn.de`)"
+      - "traefik.http.routers.whoami.entrypoints=websecure"
+      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
+    networks:
+     - "traefik_proxy"
 
 networks:
   traefik_proxy:
     external:
       name: traefik_proxy
-  default:
-    driver: bridge