mattermost-docker/docker-compose.traefik.yml at main · MilleniumStudio/mattermost-docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
version: "2.4"

services:
  postgres:
    labels:
      - traefik.enable=false

  mattermost:
    labels:
      - traefik.http.routers.www.entrypoints=insecure
      - traefik.http.routers.www.rule=Host(`${DOMAIN}`)
      - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
      - traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
      #- traefik.http.middlewares.secure-headers-www.headers.contentSecurityPolicy=default-src 'self'; script-src 'self'; style-src 'self'
      - traefik.http.routers.www.middlewares=https-redirect@docker
      - traefik.http.routers.www-secured.entrypoints=secure
      - traefik.http.routers.www-secured.rule=Host(`${DOMAIN}`)
      - traefik.http.routers.www-secured.tls=true
      - traefik.http.routers.www-secured.tls.certresolver=letsencrypt
      - traefik.http.routers.www-secured.middlewares=secure-headers@file

  traefik:
    depends_on:
      - mattermost
    container_name: traefik_mattermost
    image: traefik:${TRAEFIK_IMAGE_TAG}
    restart: ${RESTART_POLICY}
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ${TRAEFIK_CONFIG}:/traefik.toml
      - ./volumes/web/traefik_tls.toml:/traefik_tls.toml
      - ${CERT_ACME_PATH}:/acme.json
    ports:
      - ${HTTP_PORT}:80
      - ${HTTPS_PORT}:443
      - 127.0.0.1:8080:8080

networks:
  default:
    name: mattermost