initial docker setup

project/infrastructure/traefik/traefik.yml

@@ -0,0 +1,47 @@
+services:
+  traefik:
+    extends:
+      file: ${TEMPLATES_PATH}
+      service: default
+    image: "traefik:latest"
+    container_name: "traefik"
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8079:8080"
+    environment:
+      TRAEFIK_LOCAL_DOMAIN: ${LOCAL_DOMAIN}
+      TRAEFIK_PUBLIC_DOMAIN: ${PUBLIC_DOMAIN}
+      TRAEFIK_AUTH_PUBLIC_DOMAIN: auth.${PUBLIC_DOMAIN}
+    volumes:
+      - "/var/log/crowdsec/:/var/log/crowdsec/"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "${INFRA_PATH}/traefik/letsencrypt:/letsencrypt"
+      - "${INFRA_PATH}/traefik/config:/etc/traefik"
+      - "${INFRA_PATH}/traefik/certs:/etc/certs"
+    labels:
+      # Watchtower
+      - "com.centurylinklabs.watchtower.enable=true"
+      # Traefik
+      - "traefik.enable=true"
+      - "traefik.http.routers.traefik.service=api@internal"
+      - "traefik.http.routers.traefik.rule=Host(`traefik.${LOCAL_DOMAIN}`)"
+      - "traefik.http.routers.traefik.entrypoints=https"
+      - "traefik.http.routers.traefik.tls=true"
+
+  whoami:
+    extends:
+      file: ${TEMPLATES_PATH}
+      service: default
+    image: traefik/whoami:latest
+    container_name: "traefik-whoami"
+    labels:
+      # Watchtower
+      - "com.centurylinklabs.watchtower.enable=true"
+      # traefik
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami.rule=Host(`whoami.${PUBLIC_DOMAIN}`)"
+      - "traefik.http.routers.whoami.entrypoints=https"
+      - 'traefik.http.routers.whoami.tls=true'
+      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
+      - "traefik.http.routers.whoami.middlewares=authelia@file,crowdsec-bouncer@file"