Add traefik (#1916)

* Add mosquitto broker * Add documetation to mosquitto * Add traefik

Add traefik (#1916)
* Add mosquitto broker * Add documetation to mosquitto * Add traefik
eb0c9413 · Luis Coutinho · Shao Yu-Lung (Allen) · d27f4368 · eb0c9413 · eb0c9413
Commit eb0c9413 authored Feb 09, 2019 by Luis Coutinho Committed by Shao Yu-Lung (Allen) Feb 09, 2019
6 changed files
--- a/DOCUMENTATION/content/documentation/index.md
+++ b/DOCUMENTATION/content/documentation/index.md
@@ -1121,6 +1121,87 @@ docker-compose up -d grafana



+<br>
+<a name="Use-Traefik"></a>
+## Use Traefik
+
+To use Traefik you need to do some changes in `traefik/trafik.toml` and `docker-compose.yml`.
+
+1 - Open `traefik.toml` and change the `e-mail` property in `acme` section.
+
+2 - Change your domain in `acme.domains`. For example: `main = "example.org"`
+
+2.1 - If you have subdomains, you must add them to `sans` property in `acme.domains` section.
+
+```bash
+[[acme.domais]]
+  main = "example.org"
+  sans = ["monitor.example.org", "pma.example.org"]
+```
+
+3 - If you need to add basic authentication (https://docs.traefik.io/configuration/entrypoints/#basic-authentication), you just need to add the following text after `[entryPoints.https.tls]`:
+
+```bash
+[entryPoints.https.auth.basic]
+  users = ["user:password"]
+```
+
+4 - You need to change the `docker-compose.yml` file to match the Traefik needs. If you want to use Traefik, you must not expose the ports of each container to the internet, but specify some labels.
+
+4.1 For example, let's try with NGINX. You must have:
+
+```bash
+nginx:
+  build:
+    context: ./nginx
+    args:
+      - PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
+      - PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
+      - CHANGE_SOURCE=${CHANGE_SOURCE}
+  volumes:
+    - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
+    - ${NGINX_HOST_LOG_PATH}:/var/log/nginx
+    - ${NGINX_SITES_PATH}:/etc/nginx/sites-available
+  depends_on:
+    - php-fpm
+  networks:
+    - frontend
+    - backend
+  labels:
+    - traefik.backend=nginx
+    - traefik.frontend.rule=Host:example.org
+    - traefik.port=80
+```
+
+instead of
+
+```bash
+nginx:
+  build:
+    context: ./nginx
+    args:
+      - PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
+      - PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
+      - CHANGE_SOURCE=${CHANGE_SOURCE}
+  volumes:
+    - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
+    - ${NGINX_HOST_LOG_PATH}:/var/log/nginx
+    - ${NGINX_SITES_PATH}:/etc/nginx/sites-available
+    - ${NGINX_SSL_PATH}:/etc/nginx/ssl
+  ports:
+    - "${NGINX_HOST_HTTP_PORT}:80"
+    - "${NGINX_HOST_HTTPS_PORT}:443"
+  depends_on:
+    - php-fpm
+  networks:
+    - frontend
+    - backend
+```
+
+
+
+
+
 <br>
 <a name="Use-Mosquitto"></a>
 ## Use Mosquitto (MQTT Broker)
@@ -1144,7 +1225,6 @@ docker-compose up -d mosquitto



-
 <br>
 <a name="CodeIgniter"></a>


--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1331,6 +1331,24 @@ services:
          aliases:
            - fetchmail

+### TRAEFIK #########################################
+    traefik:
+      build:
+        context: ./traefik
+      command: --docker
+      volumes:
+        - /var/run/docker.sock:/var/run/docker.sock
+      ports:
+        - "${TRAEFIK_HOST_HTTP_PORT}:80"
+        - "${TRAEFIK_HOST_HTTPS_PORT}:443"
+      networks:
+        - frontend
+        - backend
+      labels:
+        - traefik.backend=traefik
+        - traefik.frontend.rule=Host:monitor.localhost
+        - traefik.port=8080
+
 ### MOSQUITTO Broker #########################################
    mosquitto:
      build:

--- a/env-example
+++ b/env-example
@@ -623,6 +623,13 @@ MAILU_WEBMAIL=rainloop
 # Dav server implementation (value: radicale, none)
 MAILU_WEBDAV=radicale

+
+### TRAEFIK #################################################
+
+TRAEFIK_HOST_HTTP_PORT=80
+TRAEFIK_HOST_HTTPS_PORT=443
+
+
 ### MOSQUITTO #################################################

 MOSQUITTO_PORT=9001
--- a/traefik/Dockerfile
+++ b/traefik/Dockerfile
+FROM traefik:1.7.5-alpine
+
+LABEL maintainer="Luis Coutinho <luis@luiscoutinho.pt>"
+
+COPY traefik.toml acme.json /
+
+RUN chmod 600 /acme.json
--- a/traefik/acme.json
+++ b/traefik/acme.json
--- a/traefik/traefik.toml
+++ b/traefik/traefik.toml
+defaultEntryPoints = ["http", "https"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+      entryPoint = "https"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+
+[web]
+address = ":8080"
+[acme]
+email = "email@example.org"
+storage = "acme.json"
+entryPoint = "https"
+onHostRule = true
+  [acme.httpChallenge]
+    entryPoint = "http"
+
+[[acme.domais]]
+  main = "localhost"