compose/production/traefik/traefik.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

log:
  level: INFO

entryPoints:
  web:
    # http
    address: ':80'
    http:
      # https://doc.traefik.io/traefik/routing/entrypoints/#entrypoint
      redirections:
        entryPoint:
          to: web-secure

  web-secure:
    # https
    address: ':443'

  flower:
    address: ':5555'

certificatesResolvers:
  letsencrypt:
    # https://doc.traefik.io/traefik/https/acme/#lets-encrypt
    acme:
      email: 'y@yulqen.org'
      storage: /etc/traefik/acme/acme.json
      # https://doc.traefik.io/traefik/https/acme/#httpchallenge
      httpChallenge:
        entryPoint: web

http:
  routers:
    web-secure-router:
      rule: 'Host(`resources.joannalemon.com`)'
      entryPoints:
        - web-secure
      middlewares:
        - csrf
      service: django
      tls:
        # https://doc.traefik.io/traefik/routing/routers/#certresolver
        certResolver: letsencrypt

    flower-secure-router:
      rule: 'Host(`resources.joannalemon.com`)'
      entryPoints:
        - flower
      service: flower
      tls:
        # https://doc.traefik.io/traefik/master/routing/routers/#certresolver
        certResolver: letsencrypt

  middlewares:
    csrf:
      # https://doc.traefik.io/traefik/master/middlewares/http/headers/#hostsproxyheaders
      # https://docs.djangoproject.com/en/dev/ref/csrf/#ajax
      headers:
        hostsProxyHeaders: ['X-CSRFToken']

  services:
    django:
      loadBalancer:
        servers:
          - url: http://django:5000

    flower:
      loadBalancer:
        servers:
          - url: http://flower:5555

providers:
  # https://doc.traefik.io/traefik/master/providers/file/
  file:
    filename: /etc/traefik/traefik.yml
    watch: true