apunkt/dograh
1
0
Fork 0
mirror of https://github.com/dograh-hq/dograh.git synced 2026-06-22 08:38:13 +02:00
Code Issues Projects Releases Packages Wiki Activity
dograh/deploy/hostinger/docker-compose.traefik.yaml
Abhishek bb334106ad
Add Hostinger (managed-Traefik) deployment files (#459) 
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-21 14:41:28 +05:30

58 lines
2.6 KiB
YAML
Raw Blame History

# Standalone Traefik + Let's Encrypt — STANDS IN FOR Hostinger's managed Traefik.
# =================================================================
# On Hostinger's VPS Docker Manager you do NOT deploy this — their platform
# already runs Traefik. Use this file to reproduce that environment on a
# generic VPS (e.g. a plain EC2 box) so you can test docker-compose.yaml
# end to end: TLS issuance, HTTP->HTTPS redirect, WebSocket upgrade, routing.
#
# It also documents exactly what we need Hostinger's Traefik to provide:
# - an HTTPS entrypoint (here: websecure / :443)
# - a Let's Encrypt certresolver (here: letsencrypt)
# - the Docker provider watching a shared network (here: traefik)
# - a long idleTimeout so long-lived signaling WebSockets aren't cut
#
# Bring up BEFORE the app stack, on the same external network:
# docker network create traefik
# docker compose -f docker-compose.traefik.yaml --env-file .env up -d
# docker compose --env-file .env up -d
# =================================================================
services:
traefik:
image: traefik:v3.1
container_name: traefik
restart: unless-stopped
command:
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
# Global HTTP->HTTPS redirect (the ACME HTTP-01 challenge is still served
# on :80 — Traefik handles the challenge ahead of this redirect).
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
# Keep long-lived WebSockets (signaling) from being cut while idle.
- --entrypoints.websecure.transport.respondingTimeouts.idleTimeout=3600s
# Let's Encrypt via HTTP-01. Must match TRAEFIK_CERTRESOLVER in the app .env.
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL:?set ACME_EMAIL in .env}
- --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
# For repeated test runs, point at LE staging to avoid prod rate limits:
# - --certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-acme:/letsencrypt
networks:
- traefik
volumes:
traefik-acme:
networks:
traefik:
external: true
name: ${TRAEFIK_NETWORK:-traefik}
Reference in a new issue View git blame Copy permalink