From 7dfed3f9a8c7a966c82b712fa3d35b3ecf911a94 Mon Sep 17 00:00:00 2001
From: luorijun <luorijun@outlook.com>
Date: Sat, 14 Mar 2026 17:14:57 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E8=BE=85=E5=8A=A9=E8=87=AA?=
 =?UTF-8?q?=E7=AD=BE=E5=90=8D=E7=AB=AF=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitignore               |  1 +
 README                   |  1 -
 README.md                | 27 +++++++++++++++++++++++++++
 docker-compose.yaml      | 13 +++++++++++++
 traefik/configs/tls.yaml |  4 ++++
 5 files changed, 45 insertions(+), 1 deletion(-)
 delete mode 100644 README
 create mode 100644 README.md
 create mode 100644 traefik/configs/tls.yaml

diff --git a/.gitignore b/.gitignore
index 4c49bd7..2f44815 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 .env
+traefik/gen
diff --git a/README b/README
deleted file mode 100644
index 572005a..0000000
--- a/README
+++ /dev/null
@@ -1 +0,0 @@
-这里是本机 http 网关容器的配置目录，使用了 traefik 作为网关组件，可以自动化证书申请与更新
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6e37af8
--- /dev/null
+++ b/README.md
@@ -0,0 +1,27 @@
+# Ingress
+
+这里是本机 http 网关容器的配置，使用了 traefik 作为网关组件，可以自动化证书申请与更新
+
+## 部署项目
+
+1. 生成自签名证书
+
+```bash
+mkdir -p traefik/gen/certs
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+  -keyout traefik/gen/certs/local.key -out traefik/gen/certs/local.crt \
+  -subj "/CN=*.lanhuip.com"
+```
+
+2. 创建 acme.json 文件
+
+```bash
+touch traefik/gen/acme.json
+chmod 600 traefik/gen/acme.json
+```
+
+3. 启动项目
+
+```bash
+docker-compose up -d
+```
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 82ba0bb..c35a1ba 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -11,11 +11,19 @@ services:
       - "--providers.docker=true"
       - "--providers.docker.exposedbydefault=false"
       - "--providers.docker.network=expose"
+      - "--providers.file.directory=/configs"
+
       - "--entrypoints.web.address=:80"
       - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
       - "--entrypoints.websecure.address=:443"
       - "--entrypoints.websecure.http.tls=true"
       - "--entrypoints.websecure.http.tls.certresolver=letsencrypt"
+
+      - "--entrypoints.webdev.address=:880"
+      - "--entrypoints.webdev.http.redirections.entrypoint.to=websecuredev"
+      - "--entrypoints.websecuredev.address=:8554"
+      - "--entrypoints.websecuredev.http.tls=true"
+
       - "--certificatesresolvers.letsencrypt.acme.email=acme@lanhuip.com"
       - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
       - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
@@ -29,8 +37,13 @@ services:
     ports:
       - 80:80
       - 443:443
+      - 880:880
+      - 8554:8554
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./traefik/configs:/configs:ro
+      - ./traefik/gen/certs:/certs:ro
+      - ./traefik/gen/acme.json:/acme.json
 
 networks:
   expose:
diff --git a/traefik/configs/tls.yaml b/traefik/configs/tls.yaml
new file mode 100644
index 0000000..091631f
--- /dev/null
+++ b/traefik/configs/tls.yaml
@@ -0,0 +1,4 @@
+tls:
+  certificates:
+    - certFile: /certs/local.crt
+      keyFile: /certs/local.key