35 lines
1.3 KiB
YAML
35 lines
1.3 KiB
YAML
services:
|
|
adminer:
|
|
image: adminer:${TAG}
|
|
container_name: $SUBDOMAIN
|
|
restart: always
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.$SUBDOMAIN.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
|
|
- traefik.http.routers.$SUBDOMAIN.tls=true
|
|
- traefik.http.routers.$SUBDOMAIN.entrypoints=web,websecure
|
|
- traefik.http.routers.$SUBDOMAIN.tls.certresolver=cloudflare
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.SSLRedirect=true
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.STSSeconds=315360000
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.browserXSSFilter=true
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.contentTypeNosniff=true
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.forceSTSHeader=true
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.SSLHost=${DOMAIN_NAME}
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.STSIncludeSubdomains=true
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.STSPreload=true
|
|
- traefik.http.middlewares.$SUBDOMAIN.headers.frameDeny=true
|
|
- traefik.http.routers.$SUBDOMAIN.middlewares=authentik-forwardauth@docker
|
|
- traefik.http.services.$SUBDOMAIN.loadbalancer.server.port=8080
|
|
- traefik.docker.network=mgmt
|
|
env_file:
|
|
- .env
|
|
networks:
|
|
- mgmt
|
|
- db
|
|
networks:
|
|
mgmt:
|
|
external:
|
|
true
|
|
db:
|
|
external:
|
|
true |