48 lines
1.8 KiB
YAML
48 lines
1.8 KiB
YAML
# Docker Compose for Portainer with Traefik Labels
|
|
#
|
|
# This configuration deploys the Portainer Community Edition container
|
|
# and uses Docker labels to integrate it with a running Traefik instance.
|
|
#
|
|
version: '3.8'
|
|
|
|
services:
|
|
portainer:
|
|
image: portainer/portainer-ce:latest
|
|
container_name: portainer
|
|
restart: unless-stopped
|
|
# The command tells Portainer to manage the local Docker environment.
|
|
command: -H unix:///var/run/docker.sock
|
|
ports:
|
|
- 8000:8000/tcp
|
|
- 9443:9443/tcp
|
|
volumes:
|
|
# Mount the Docker socket to allow Portainer to manage containers.
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
# A named volume for Portainer's persistent data.
|
|
- /docker/portainer:/data
|
|
networks:
|
|
# Connect Portainer to your existing Traefik proxy network.
|
|
# IMPORTANT: Replace 'proxy' with the actual name of your Traefik network.
|
|
- proxy
|
|
labels:
|
|
traefik.enable: 'true'
|
|
traefik.docker.network: proxy
|
|
traefik.http.routers.portainer.rule: Host(`edgeweb.kaspers.us`)
|
|
traefik.http.routers.portainer.entrypoints: 'websecure'
|
|
traefik.http.routers.portainer.tls.certresolver: 'letsencrypt'
|
|
traefik.http.services.portainer.loadbalancer.server.port: '9443'
|
|
traefik.http.services.portainer.loadbalancer.server.scheme: 'https'
|
|
traefik.http.routers.portainer.tls: 'true'
|
|
|
|
# --- Authentik Middleware (Optional) ---
|
|
# If you have Authentik configured as a middleware in Traefik,
|
|
# uncomment the line below to protect the Portainer dashboard.
|
|
# Replace 'authentik@docker' if your middleware has a different name.
|
|
# - "traefik.http.routers.portainer.middlewares=authentik@docker"
|
|
|
|
|
|
networks:
|
|
# Define the external network created by your main Traefik stack.
|
|
# This tells Docker Compose not to create a new network.
|
|
proxy:
|
|
external: true |