Esqueleto del proyecto ASIR 2022

vergman2
2022-05-18 20:43:18 +02:00
commit 7395996903
17 changed files with 1356 additions and 0 deletions


@@ -0,0 +1,65 @@
version: "3"
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
- inbound
ports:
- 80:80
- 443:443
- target: 8080
published: 8080
protocol: tcp
mode: ingress
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik-data/traefik.yml:/traefik.yml:ro
- ./traefik-data/acme.json:/acme.json
- ./traefik-data/configurations:/configurations
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.traefik-secure.entrypoints=websecure"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.DOMINIO`)"
- "traefik.http.routers.traefik-secure.middlewares=user-auth@file"
- "traefik.http.routers.traefik-secure.service=api@internal"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--metrics.prometheus=true"
- "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
- "--providers.docker=true"
- "--providers.docker.swarmmode=true"
- "--providers.docker.watch"
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./portainer-data:/data
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.portainer-secure.entrypoints=websecure"
- "traefik.http.routers.portainer-secure.rule=Host(`portainer.DOMINIO`)"
- "traefik.http.routers.portainer-secure.service=portainer"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
networks:
proxy:
external: true
inbound:
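Review bot: `--api.insecure=true` together with the published `target: 8080` port serves the Traefik API and dashboard without authentication, which sidesteps the `user-auth@file` middleware attached to the `traefik-secure` router in the labels above. That router already exposes `api@internal` on `websecure`, so I would drop the `- "--api.insecure=true"` line and the 8080 port mapping. `--log.level=DEBUG` is worth lowering to `--log.level=INFO` outside troubleshooting. Both `traefik:latest` and `portainer/portainer-ce:latest` should be pinned to a tested tag, because both containers mount the Docker socket, and `:ro` on the socket file does not restrict what can be asked of the daemon through it.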


@@ -0,0 +1 @@
{"HttpHeaders":{"X-PortainerAgent-ManagerOperation":"1","X-PortainerAgent-PublicKey":"305930546571306072a8648ce3d020106082a8648ce3d030107034200044779101e797fd3d74da58266f518a88003cf7ed5f4248a30c80e83c597ecf629401a61f922ffd522007d2c88ded2ae2b9524acc2526dc9859e93df18c7dabb46","X-PortainerAgent-Signature":"J1m3SXIx0/KVQjcpRZHOjRYN2BCpR7K+WhLIsTK8YyMBS6n4542euF06Avm9GN5jXVSDBKHX6LUf7/3miYSBQkg2g"}}
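Review bot: This file looks like runtime state written by a Portainer instance (an agent public key and a signature) rather than project source, so it probably does not belong in a skeleton commit. If it comes from the `./portainer-data` bind mount, I would add that directory to `.gitignore` and check that none of the other files in this commit carry the instance's private key or database. A fresh deployment should regenerate this material on first start, though that is worth confirming against the Portainer version in use.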


@@ -0,0 +1,27 @@
# Dynamic configuration
http:
middlewares:
secureHeaders:
headers:
sslRedirect: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 31536000
user-auth:
basicAuth:
users:
- "USUARIO:PASSWORD/"
tls:
options:
default:
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
minVersion: VersionTLS12
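Review bot: The `users` entry under `user-auth` / `basicAuth` is a placeholder with no hint of the expected format. Traefik expects `name:hashed-password` as produced by htpasswd, and a real hash should not end up in the repository. I would add a comment such as `# user:hash from htpasswd (bcrypt); do not commit real credentials`, or switch to `usersFile` pointing at a file kept out of version control. Separately, `sslRedirect: true` in `secureHeaders` duplicates the `web` to `websecure` entrypoint redirection in the static configuration and is deprecated in later Traefik v2 releases, which matters because the image is pulled as `latest`.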


@@ -0,0 +1,34 @@
api:
dashboard: true
entryPoints:
web:
address: :80
http:
redirections:
entryPoint:
to: websecure
websecure:
address: :443
http:
middlewares:
- secureHeaders@file
tls:
certResolver: letsencrypt
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
filename: /configurations/dynamic.yml
certificatesResolvers:
letsencrypt:
acme:
email: MAIL@mail.com
storage: acme.json
keyType: EC384
httpChallenge:
entryPoint: web
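Review bot: This file and the `command:` flags in the compose file both set static options, and Traefik documents file, CLI and environment sources as mutually exclusive, so one of the two is likely being ignored silently. If the flags win, `exposedByDefault: false`, the entrypoints and the `letsencrypt` resolver here are lost; if the file wins, the metrics and swarm flags are dead. I would keep everything in this file and remove the flags. Also, `storage: acme.json` is relative to the working directory, whereas `storage: /acme.json` would match the bind mount explicitly. The host file needs mode 600, since it holds the ACME account key and the certificate private keys.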