From c14f197bc2874dcdd2ba1b7a85b79ada353bf197 Mon Sep 17 00:00:00 2001 From: Teck Meng Date: Fri, 6 Sep 2024 13:46:39 +0800 Subject: [PATCH] refactor: Update traefik-public and traefik-public-local HTTPS routers in Swarm core.yml and local_core.yml --- swarm/local_core.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/swarm/local_core.yml b/swarm/local_core.yml index b6d3127..e7ce6e6 100644 --- a/swarm/local_core.yml +++ b/swarm/local_core.yml @@ -96,7 +96,8 @@ services: # Add Docker as a mounted volume, so that Traefik can read the labels of other services - /var/run/docker.sock:/var/run/docker.sock:ro # Mount the volume to store the certificates - - /var/data/config/traefik/certs:/certs:rw + - traefik-public-certificates:/certificates + - /var/data/config/traefik/certs:/certs:ro # Mount the configuration file for Traefik - /var/data/config/traefik/local_dynamic.yml:/etc/traefik/local_dynamic.yml:ro - /var/data/config/traefik/local_services.yml:/etc/traefik/local_services.yml:ro @@ -135,7 +136,7 @@ services: - --certificatesresolvers.le.acme.email=${EMAIL?Variable not set} # Store the Let's Encrypt certificates in the mounted volume - --certificatesresolvers.le.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory - - --certificatesresolvers.le.acme.storage=/certs/acme.json + - --certificatesresolvers.le.acme.storage=/certificates/acme.json # Use the TLS Challenge for Let's Encrypt - --certificatesresolvers.le.acme.tlschallenge=true # Enable the access log, with HTTP requests @@ -180,11 +181,11 @@ services: constraints: - node.role==manager -# volumes: +volumes: # Create a volume to store the certificates, there is a constraint to make sure # Traefik is always deployed to the same Docker node with the same volume containing # the HTTPS certificates - # traefik-public-certificates: + traefik-public-certificates: networks: # Use the previously created public network "traefik-public", shared with other