home-server-docker/project/infrastructure/traefik/traefik.yml

services:
  traefik:
    extends:
      file: ${TEMPLATES_PATH}
      service: default
    image: traefik:v3.6.7
    container_name: traefik
    ports:
      - "80:80"
      - "443:443"
      - "8079:8080"
    networks:
      - ip6net
      - ip4net
    environment:
      TRAEFIK_EMAIL: ${EMAIL}
      TRAEFIK_LOCAL_DOMAIN: ${LOCAL_DOMAIN}
      TRAEFIK_PUBLIC_DOMAIN: ${PUBLIC_DOMAIN}
      TRAEFIK_AUTH_PUBLIC_DOMAIN: auth.${PUBLIC_DOMAIN}
      TRAEFIK_CROWDSEC_API_KEY: ${CROWDSEC_API_KEY}
      INFOMANIAK_ACCESS_TOKEN: ${INFOMANIAK_CERTIFICATE_ACCESS_TOKEN}
    volumes:
      - "/var/log/crowdsec/:/var/log/crowdsec/"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "${INFRA_PATH}/traefik/letsencrypt:/letsencrypt"
      - "${INFRA_PATH}/traefik/config:/etc/traefik"
      - "${INFRA_PATH}/traefik/certs:/etc/certs"
      - "${INFRA_PATH}/traefik/html/ban.html:/ban.html"
      - "${INFRA_PATH}/traefik/html/captcha.html:/captcha.html"
    labels:
      # Traefik
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.rule=Host(`traefik.${LOCAL_DOMAIN}`)"
      - "traefik.http.routers.traefik.entrypoints=https"
      - "traefik.http.routers.traefik.tls=true"

  traefik-agent:
    extends:
      file: ${TEMPLATES_PATH}
      service: default
    image: hhftechnology/traefik-log-dashboard-agent:2.4.1
    container_name: traefik-log-dashboard-agent
    networks:
      - ip4net
    ports:
      - "8078:5000"
    volumes:
      - "/var/log/crowdsec/:/logs:ro"
      - "${INFRA_PATH}/traefik/log-dashboard/positions:/data"
    environment:
      TRAEFIK_LOG_DASHBOARD_ACCESS_PATH: /logs/traefik.log
      TRAEFIK_LOG_DASHBOARD_AUTH_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN}
      TRAEFIK_LOG_DASHBOARD_SYSTEM_MONITORING: true
      TRAEFIK_LOG_DASHBOARD_LOG_FORMAT: json
    healthcheck:
      test:
        [
          "CMD",
          "wget",
          "--no-verbose",
          "--tries=1",
          "--spider",
          "http://localhost:5000/api/logs/status",
        ]
      interval: 2m
      timeout: 10s
      retries: 3
      start_period: 30s

  traefik-dashboard:
    extends:
      file: ${TEMPLATES_PATH}
      service: default
    image: hhftechnology/traefik-log-dashboard:2.4.0
    container_name: traefik-log-dashboard
    networks:
      - ip4net
    ports:
      - "8077:3000"
    volumes:
      - ./data/dashboard:/app/data
      - "${INFRA_PATH}/traefik/log-dashboard/dashboard:/app/data"
      - "${INFRA_PATH}/traefik/log-dashboard/positions:/data"
    environment:
      AGENT_API_URL: http://192.168.178.35:8078
      AGENT_API_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN}
      # Display Configuration
      NEXT_PUBLIC_SHOW_DEMO_PAGE: false
    depends_on:
      traefik-agent:
        condition: service_healthy
    labels:
      # traefik
      - "traefik.enable=true"
      - "traefik.http.routers.traefik-log-dashboard.rule=Host(`traefik-dashboard.${LOCAL_DOMAIN}`)"
      - "traefik.http.routers.traefik-log-dashboard.entrypoints=https"
      - "traefik.http.routers.traefik-log-dashboard.tls=true"

  whoami:
    extends:
      file: ${TEMPLATES_PATH}
      service: default
    image: traefik/whoami:v1.11
    container_name: traefik-whoami
    networks:
      - ip4net
    labels:
      # traefik
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.${LOCAL_DOMAIN}`)"
      - "traefik.http.routers.whoami.entrypoints=https"
      - "traefik.http.routers.whoami.tls=true"