35 lines
1.3 KiB
YAML
35 lines
1.3 KiB
YAML
services:
|
|
portainer:
|
|
image: portainer/portainer-ce:${TAG:-latest}
|
|
container_name: portainer
|
|
restart: always
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.portainer.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
|
|
- traefik.docker.network=mgmt
|
|
- traefik.http.services.portainer.loadbalancer.server.port=9000
|
|
- traefik.http.routers.portainer.tls=true
|
|
- traefik.http.routers.portainer.entrypoints=web,websecure
|
|
- traefik.http.routers.portainer.tls.certresolver=cloudflare
|
|
- traefik.http.middlewares.portainer.headers.SSLRedirect=true
|
|
- traefik.http.middlewares.portainer.headers.STSSeconds=315360000
|
|
- traefik.http.middlewares.portainer.headers.browserXSSFilter=true
|
|
- traefik.http.middlewares.portainer.headers.contentTypeNosniff=true
|
|
- traefik.http.middlewares.portainer.headers.forceSTSHeader=true
|
|
- traefik.http.middlewares.portainer.headers.SSLHost=${DOMAIN_NAME}
|
|
- traefik.http.middlewares.portainer.headers.STSIncludeSubdomains=true
|
|
- traefik.http.middlewares.portainer.headers.STSPreload=true
|
|
- traefik.http.routers.portainer.middlewares=portainer@docker
|
|
env_file:
|
|
- .env
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- ./data:/data
|
|
expose:
|
|
- 9000
|
|
networks:
|
|
- mgmt
|
|
networks:
|
|
mgmt:
|
|
external:
|
|
true |