services: traefik: image: "traefik:v3.3" container_name: "traefik" depends_on: tracs3: condition: service_completed_successfully command: - "--log.level=info" - "--log.maxsize=100" - "--log.maxage=3" - "--metrics.prometheus=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entryPoints.web.address=:80" - "--entryPoints.name.allowACMEByPass=true" - "--entryPoints.websecure.address=:443" - "--entryPoints.websecure.http3" - "--entryPoints.websecure.http.tls=true" - "--entryPoints.ssh.address=:2222" - "--entryPoints.sshgitlab.address=:2223" - "--providers.docker=true" - "--providers.file.directory=/traefik" - "--providers.redis.endpoints=${TRAEFIK_KOP_REDIS_ADDR}" - "--providers.redis.password=${TRAEFIK_KOP_REDIS_PASS}" ports: - target: 80 published: 80 protocol: tcp mode: host - target: 443 published: 443 protocol: tcp mode: host - target: 443 published: 443 protocol: udp mode: host - target: 2222 published: 2222 protocol: tcp mode: host - target: 2223 published: 2223 protocol: tcp mode: host volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "/etc/traefik/sites:/traefik" - "certificates:/certificates" networks: - traefik_internal epee: image: "git.gnous.eu/enpls/epee-service:stable" container_name: "epee" ports: - "5900:5900" networks: - traefik_internal tracs3: image: ghcr.io/outout14/traefik-acme-s3:main env_file: - tracs3.env command: - "sync" volumes: - "/etc/traefik/sites:/configs" - "certificates:/certificates" network_mode: "host" environment: - AWS_REGION=${TRACS_AWS_REGION} - AWS_DEFAULT_REGION=${TRACS_AWS_REGION} - AWS_ENDPOINT_URL=${TRACS_S3_ENDPOINT} - AWS_S3_ENDPOINT=${TRACS_S3_ENDPOINT} - AWS_S3API_ENDPOINT=${TRACS_S3_ENDPOINT} - AWS_ACCESS_KEY_ID=${TRACS_S3_ACCESS_KEY_ID} - AWS_SECRET_ACCESS_KEY=${TRACS_S3_SECRET} - CLOSET_BUCKET=${TRACS_CLOSET_BUCKET} - CLOSET_PASSWORD=${TRACS_CLOSET_PASSWORD} tracs3-certificate-sync: image: mcuadros/ofelia:latest restart: always depends_on: tracs3: condition: service_completed_successfully command: daemon --docker volumes: - /var/run/docker.sock:/var/run/docker.sock:ro labels: ofelia.job-run.certificate-rotate.schedule: "@every 10m" ofelia.job-run.certificate-rotate.command: "sh -c 'docker restart front-http-par-tracs3-1'" ofelia.job-run.certificate-rotate.image: "docker:cli" ofelia.job-run.certificate-rotate.volume: "/var/run/docker.sock:/var/run/docker.sock" volumes: certificates: networks: traefik_internal: enable_ipv6: true