traefik/traefik.yml.tmpl

---
log:
  level: {{ env "LOG_LEVEL" }}

providers:
  docker:
    endpoint: "tcp://socket-proxy:2375"
    exposedByDefault: false
    network: proxy
    swarmMode: true
  {{ if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
  file:
    directory: /etc/traefik/file-providers
    watch: true
  {{ else }}
  file:
    filename: /etc/traefik/file-provider.yml
  {{ end }}

api:
  dashboard: {{ env "DASHBOARD_ENABLED" }}
  debug: false

entrypoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: web-secure
  web-secure:
    address: ":443"
  {{ if eq (env "GITEA_SSH_ENABLED") "1" }}
  gitea-ssh:
    address: ":2222"
  {{ end }}
  {{ if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
  foodsoft-smtp:
    address: ":2525"
  {{ end }}
  {{ if eq (env "SMTP_ENABLED") "1" }}
  smtp-submission:
    address: ":587"
  {{ end }}
  {{ if eq (env "PEERTUBE_RTMP_ENABLED") "1" }}
  peertube-rtmp:
    address: ":1935"
  {{ end }}
  {{ if eq (env "WEB_ALT_ENABLED") "1" }}
  web-alt:
    address: ":8000"
  {{ end }}
  {{ if eq (env "SSB_MUXRPC_ENABLED") "1" }}
  ssb-muxrpc:
    address: ":8008"
  {{ end }}
  {{ if eq (env "MSSQL_ENABLED") "1" }}
  mssql:
    address: ":1433"
  {{ end }}
  {{ if eq (env "MUMBLE_ENABLED") "1" }}
  mumble:
    address: ":64738"
  mumble-udp:
    address: ":64738/udp"
  {{ end }}
  {{ if eq (env "COMPY_ENABLED") "1" }}
  compy:
    address: ":9999"
  {{ end }}
  {{ if eq (env "METRICS_ENABLED") "1" }}
  metrics:
    address: ":8082"
    http:
      middlewares:
        - basicauth@file
  {{ end }}
  {{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
  matrix-federation:
    address: ":9001"
  {{ end }}

ping:
  entryPoint: web

{{ if eq (env "METRICS_ENABLED") "1" }}
metrics:
  prometheus:
    entryPoint: metrics
    addRoutersLabels: true
    addServicesLabels: true
{{ end }}

certificatesResolvers:
  staging:
    acme:
      email: {{ env "LETS_ENCRYPT_EMAIL" }}
      storage: /etc/letsencrypt/staging-acme.json
      caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      httpChallenge:
        entryPoint: web
      {{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
      dnsChallenge:
        provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
        resolvers:
          - "1.1.1.1:53"
          - "8.8.8.8:53"
      {{ end }}
  production:
    acme:
      email: {{ env "LETS_ENCRYPT_EMAIL" }}
      storage: /etc/letsencrypt/production-acme.json
      httpChallenge:
        entryPoint: web
      {{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
      dnsChallenge:
        provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
        resolvers:
          - "1.1.1.1:53"
          - "9.9.9.9:53"
      {{ end }}