Upgraded and refactored Traefik (#585)

Traefik/README.md

@@ -1,17 +1,27 @@
 # How to use docker-compose with Traefik
 
-Traefik is a modern reverse proxy aimed towards applications running through container orchestrators. 
+Traefik is a modern reverse proxy aimed towards applications running through container orchestrators.
 
 Some of the benefits of using Traefik over NGinx are:
-* Real-time configuration changes - no need to reload the proxy
-* Auto discovery and configuration of services through a vast amount of container orchestrators.
-* Built-in official support for Let's Encrypt SSL with certificate auto-renewal
+
+- Real-time configuration changes - no need to reload the proxy
+- Auto discovery and configuration of services through a vast amount of container orchestrators.
+- Built-in official support for Let's Encrypt SSL with certificate auto-renewal
+- Supports path-based routing without need to [hard-code it in global config](../Production/nginx.tmpl).
 
 ## Traefik Specific Environment Variables
 
-* `BTCPAYGEN_REVERSEPROXY` to `traefik`.
-* `LETSENCRYPT_EMAIL`: Optional, The email Let's Encrypt will use to notify you about certificate expiration.
-* `BTCPAYGEN_ADDITIONAL_FRAGMENTS`: In the case that you have an already deployed traefik container, you can use the fragment `traefik-labels` which will tag the btcpayserver service with the needed labels to be discovered.
+- `BTCPAYGEN_REVERSEPROXY` to `traefik`.
+- `LETSENCRYPT_EMAIL`: Optional, The email Let's Encrypt will use to notify you about certificate expiration.
+- `BTCPAYGEN_ADDITIONAL_FRAGMENTS`: Add `traefik`
+- `BTCPAY_ADDITIONAL_HOSTS`: Traefic can not accept list of hosts. Add additional hosts in a new file named e.g. `btcpayserver-traefic.custom.yml`:
+  ```
+  version: "3"
+  services:
+    btcpayserver:
+      labels:
+        traefik.http.routers.btcpayserver2.rule: Host(`additional.example.com`)
+        traefik.http.routers.btcpayserver3.rule: Host(`another-additional.example.com`)
+  ```
 
-
-![Architecture](Production.png)
+![Architecture](Production.png)

Traefik/traefik.toml

@@ -1,34 +0,0 @@
-defaultEntryPoints = ["https","http"]
-
-logLevel = "ERROR"
-
-[entryPoints]
-  [entryPoints.http]
-  address = ":80"
-    [entryPoints.http.redirect]
-    entryPoint = "https"
-  [entryPoints.https]
-  address = ":443"
-  [entryPoints.https.tls]
-
-[retry]
-
-[docker]
-endpoint = "unix:///var/run/docker.sock"
-watch = true
-exposedByDefault = false
-
-[acme]
-storage = "acme.json"
-entryPoint = "https"
-onHostRule = true
-[acme.httpChallenge]
-entryPoint = "http"
-
-[traefikLog]
-  filePath = "/traefik_logs/traefik.log"
-  format   = "json"
-
-[accessLog]
-  filePath = "/traefik_logs/access.log"
-  format = "json"

Traefik/traefik.yml

@@ -0,0 +1,34 @@
+entryPoints:
+  http:
+    address: :80
+    http:
+      redirections:
+        entrypoint:
+          to: https
+          scheme: https
+  https:
+    address: :443
+    http:
+      tls:
+        certResolver: default
+
+providers:
+  docker:
+    exposedByDefault: false
+    watch: true
+    endpoint: unix:///var/run/docker.sock
+
+# Enable only for debug
+#api:
+#  insecure: true
+#  dashboard: true
+
+log:
+  level: ERROR # or DEBUG, PANIC, FATAL, WARN, and INFO
+
+certificatesResolvers:
+  default:
+    acme:
+      storage: /data/acme.json
+      httpChallenge:
+        entryPoint: http