traefik/docker-compose-global.yml

services:
  traefik:
    image: traefik:v3.1
    container_name: ${TRAEFIK_NAME:-traefik}
    restart: unless-stopped

    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"

      # Let's Encrypt (optional, aber hier aktiviert)
      - "--certificatesresolvers.le.acme.httpchallenge=true"
      - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.le.acme.email=${TRAEFIK_ACME_EMAIL:-admin@example.com}"
      - "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json"

      # Dashboard
      - "--api.dashboard=true"
      - "--api.insecure=false"

    ports:
      - "${TRAEFIK_HTTP_PORT:-80}:80"
      - "${TRAEFIK_HTTPS_PORT:-443}:443"
      - "${TRAEFIK_DASHBOARD_PORT:-8080}:8080"

    volumes:
      # Docker Socket (Read-Only)
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

      # Parametrisierter Speicherort für Let's Encrypt + Fallback
      - "${TRAEFIK_DATA_PATH:-/opt/traefik}/letsencrypt:/letsencrypt"

    networks:
      - proxy

    labels:
      - "traefik.enable=true"

      # Dashboard über HTTPS
      - "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DASHBOARD_HOST:-traefik.local}`)"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - "traefik.http.routers.traefik.tls.certresolver=le"

networks:
  proxy:
    name: proxy
    driver: bridge
traefik/docker-compose-global.yml hinzugefügt 2026-01-02 19:39:47 +00:00			`services:`
			`traefik:`
			`image: traefik:v3.1`
			`container_name: ${TRAEFIK_NAME:-traefik}`
			`restart: unless-stopped`

			`command:`
			`- "--providers.docker=true"`
			`- "--providers.docker.exposedbydefault=false"`
			`- "--entrypoints.web.address=:80"`
			`- "--entrypoints.websecure.address=:443"`

traefik/docker-compose-global.yml aktualisiert 2026-01-02 19:56:55 +00:00			`# Let's Encrypt (optional, aber hier aktiviert)`
traefik/docker-compose-global.yml hinzugefügt 2026-01-02 19:39:47 +00:00			`- "--certificatesresolvers.le.acme.httpchallenge=true"`
			`- "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"`
			`- "--certificatesresolvers.le.acme.email=${TRAEFIK_ACME_EMAIL:-admin@example.com}"`
			`- "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json"`

			`# Dashboard`
			`- "--api.dashboard=true"`
traefik/docker-compose-global.yml aktualisiert 2026-01-02 19:56:55 +00:00			`- "--api.insecure=false"`
traefik/docker-compose-global.yml hinzugefügt 2026-01-02 19:39:47 +00:00
			`ports:`
			`- "${TRAEFIK_HTTP_PORT:-80}:80"`
			`- "${TRAEFIK_HTTPS_PORT:-443}:443"`
			`- "${TRAEFIK_DASHBOARD_PORT:-8080}:8080"`

			`volumes:`
traefik/docker-compose-global.yml aktualisiert 2026-01-02 19:56:55 +00:00			`# Docker Socket (Read-Only)`
traefik/docker-compose-global.yml hinzugefügt 2026-01-02 19:39:47 +00:00			`- "/var/run/docker.sock:/var/run/docker.sock:ro"`
traefik/docker-compose-global.yml aktualisiert 2026-01-02 19:56:55 +00:00
			`# Parametrisierter Speicherort für Let's Encrypt + Fallback`
			`- "${TRAEFIK_DATA_PATH:-/opt/traefik}/letsencrypt:/letsencrypt"`
traefik/docker-compose-global.yml hinzugefügt 2026-01-02 19:39:47 +00:00
			`networks:`
			`- proxy`

			`labels:`
			`- "traefik.enable=true"`

			`# Dashboard über HTTPS`
			- "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DASHBOARD_HOST:-traefik.local}`)"
			`- "traefik.http.routers.traefik.service=api@internal"`
			`- "traefik.http.routers.traefik.entrypoints=websecure"`
			`- "traefik.http.routers.traefik.tls.certresolver=le"`

			`networks:`
			`proxy:`
			`name: proxy`
			`driver: bridge`