networks: traefik-net: driver: overlay name: traefik-net attachable: true volumes: traefik-certs: name: traefik-certs services: traefik: image: traefik:v2.10 command: - --api.dashboard=true - --providers.docker - --providers.docker.network=traefik-net - --providers.docker.exposedbydefault=false - --providers.docker.swarmMode=true - --entrypoints.web.address=:80 - --entrypoints.web.http.redirections.entryPoint.to=websecure - --entrypoints.web.http.redirections.entryPoint.scheme=https - --entrypoints.web.http.redirections.entrypoint.permanent=true - --entrypoints.websecure.address=:443 - --certificatesresolvers.le.acme.tlschallenge=true - --certificatesresolvers.le.acme.email=${EMAIL} - --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json ports: - target: 80 published: 80 mode: host - target: 443 published: 443 mode: host volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - traefik-certs:/letsencrypt networks: - traefik-net deploy: placement: constraints: - node.role == manager # labels: # - traefik.enable=true # - traefik.http.routers.dashboard.rule = PathPrefix(`/traefik`) # - traefik.http.routers.dashboard.service=api@internal # - traefik.http.routers.dashboard.middlewares=auth # - traefik.http.services.dashboard.loadbalancer.server.port=8080 # - traefik.http.middlewares.auth.basicauth.users=krop:$$apr1$$YAMELker$$W7BRLr8GbsqVdaVjp9qOI/