commit 454459b09f668b700a1fd1f6e4118529c30f00ae Author: luorijun Date: Sat Mar 14 15:37:24 2026 +0800 初始提交 diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..687c930 --- /dev/null +++ b/.env.example @@ -0,0 +1,3 @@ +TRAEFIK_DOMAIN=ingress.docker.localhost +TRAEFIK_USERNAME=traefik +TRAEFIK_PASSWORD=$2a$12$h/QqemPee.5YkVGlLWb/cO4urRmM7ANL4rsie12Kl7Ki4np8LHQa6 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4c49bd7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.env diff --git a/README b/README new file mode 100644 index 0000000..572005a --- /dev/null +++ b/README @@ -0,0 +1 @@ +这里是本机 http 网关容器的配置目录,使用了 traefik 作为网关组件,可以自动化证书申请与更新 diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..82ba0bb --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,37 @@ +name: ingress + +services: + traefik: + image: traefik:latest + restart: unless-stopped + networks: + - default + - expose + command: + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--providers.docker.network=expose" + - "--entrypoints.web.address=:80" + - "--entrypoints.web.http.redirections.entrypoint.to=websecure" + - "--entrypoints.websecure.address=:443" + - "--entrypoints.websecure.http.tls=true" + - "--entrypoints.websecure.http.tls.certresolver=letsencrypt" + - "--certificatesresolvers.letsencrypt.acme.email=acme@lanhuip.com" + - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true" + - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web" + - "--api.dashboard=true" + labels: + - "traefik.enable=true" + - "traefik.http.routers.dashboard.rule=Host(`$TRAEFIK_DOMAIN`)" + - "traefik.http.routers.dashboard.service=api@internal" + - "traefik.http.routers.dashboard.middlewares=basicauth" + - "traefik.http.middlewares.basicauth.basicauth.users=$TRAEFIK_USERNAME:$TRAEFIK_PASSWORD" + ports: + - 80:80 + - 443:443 + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + +networks: + expose: + external: true