AaronFiore/btcpayserver-docker
1
0
Fork 0
Code Activity

Upgraded and refactored Traefik (#585)

Browse Source
This commit is contained in:
Honza Pobořil
2022-06-02 16:35:42 +02:00
committed by GitHub
parent e87ef5d0b0
commit c176745bc3
15 changed files with 80 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -297,8 +297,6 @@ Production/.env
.vscode/ .vscode/
*docker-compose.generated.yml *docker-compose.generated.yml
Generated/acme.json
Generated/traefik_logs/
Generated/chatwoot_config.env Generated/chatwoot_config.env
Generated/error Generated/error

3
Generated/.gitignore vendored
View File

@@ -1,5 +1,4 @@
*.yml *.yml
nginx.tmpl nginx.tmpl
*.toml
*.json *.json
pull-images.sh pull-images.sh

28
Traefik/README.md
View File

@@ -1,17 +1,27 @@
# How to use docker-compose with Traefik # How to use docker-compose with Traefik
Traefik is a modern reverse proxy aimed towards applications running through container orchestrators. Traefik is a modern reverse proxy aimed towards applications running through container orchestrators.
Some of the benefits of using Traefik over NGinx are: Some of the benefits of using Traefik over NGinx are:
* Real-time configuration changes - no need to reload the proxy
* Auto discovery and configuration of services through a vast amount of container orchestrators. - Real-time configuration changes - no need to reload the proxy
* Built-in official support for Let's Encrypt SSL with certificate auto-renewal - Auto discovery and configuration of services through a vast amount of container orchestrators.
- Built-in official support for Let's Encrypt SSL with certificate auto-renewal
- Supports path-based routing without need to [hard-code it in global config](../Production/nginx.tmpl).
## Traefik Specific Environment Variables ## Traefik Specific Environment Variables
* `BTCPAYGEN_REVERSEPROXY` to `traefik`. - `BTCPAYGEN_REVERSEPROXY` to `traefik`.
* `LETSENCRYPT_EMAIL`: Optional, The email Let's Encrypt will use to notify you about certificate expiration. - `LETSENCRYPT_EMAIL`: Optional, The email Let's Encrypt will use to notify you about certificate expiration.
* `BTCPAYGEN_ADDITIONAL_FRAGMENTS`: In the case that you have an already deployed traefik container, you can use the fragment `traefik-labels` which will tag the btcpayserver service with the needed labels to be discovered. - `BTCPAYGEN_ADDITIONAL_FRAGMENTS`: Add `traefik`
- `BTCPAY_ADDITIONAL_HOSTS`: Traefic can not accept list of hosts. Add additional hosts in a new file named e.g. `btcpayserver-traefic.custom.yml`:
```
version: "3"
services:
btcpayserver:
labels:
traefik.http.routers.btcpayserver2.rule: Host(`additional.example.com`)
traefik.http.routers.btcpayserver3.rule: Host(`another-additional.example.com`)
```
![Architecture](Production.png)
![Architecture](Production.png)

34
Traefik/traefik.toml
View File

@@ -1,34 +0,0 @@
defaultEntryPoints = ["https","http"]
logLevel = "ERROR"
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedByDefault = false
[acme]
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[traefikLog]
filePath = "/traefik_logs/traefik.log"
format = "json"
[accessLog]
filePath = "/traefik_logs/access.log"
format = "json"

34
Traefik/traefik.yml Normal file
View File

@@ -0,0 +1,34 @@
entryPoints:
http:
address: :80
http:
redirections:
entrypoint:
to: https
scheme: https
https:
address: :443
http:
tls:
certResolver: default
providers:
docker:
exposedByDefault: false
watch: true
endpoint: unix:///var/run/docker.sock
# Enable only for debug
#api:
# insecure: true
# dashboard: true
log:
level: ERROR # or DEBUG, PANIC, FATAL, WARN, and INFO
certificatesResolvers:
default:
acme:
storage: /data/acme.json
httpChallenge:
entryPoint: http

6
build.ps1
View File

@@ -31,9 +31,3 @@ docker run -v "$(Get-Location)\Generated:/app/Generated" `
If ($BTCPAYGEN_REVERSEPROXY -eq "nginx") { If ($BTCPAYGEN_REVERSEPROXY -eq "nginx") {
Copy-Item ".\Production\nginx.tmpl" -Destination ".\Generated" Copy-Item ".\Production\nginx.tmpl" -Destination ".\Generated"
} }
If ($BTCPAYGEN_REVERSEPROXY -eq "traefik") {
Copy-Item ".\Traefik\traefik.toml" -Destination ".\Generated"
New-Item ".\Generated\acme.json" -type file
}

6
build.sh
View File

@@ -41,9 +41,3 @@ fi
[[ -f "Generated/pull-images.sh" ]] && chmod +x Generated/pull-images.sh [[ -f "Generated/pull-images.sh" ]] && chmod +x Generated/pull-images.sh
[[ -f "Generated/save-images.sh" ]] && chmod +x Generated/save-images.sh [[ -f "Generated/save-images.sh" ]] && chmod +x Generated/save-images.sh
if [ "$BTCPAYGEN_REVERSEPROXY" == "traefik" ]; then
cp Traefik/traefik.toml Generated/traefik.toml
:> Generated/acme.json
chmod 600 Generated/acme.json
fi

3
docker-compose-generator/docker-fragments/bitcoin-clightning.yml
View File

@@ -85,6 +85,9 @@ services:
RTL_SSO: 1 RTL_SSO: 1
RTL_COOKIE_PATH: /data/.cookie RTL_COOKIE_PATH: /data/.cookie
LOGOUT_REDIRECT_LINK: /server/services LOGOUT_REDIRECT_LINK: /server/services
labels:
traefik.enable: true
traefik.http.routers.bitcoin_rtl.rule: Host(`${BTCPAY_HOST}`) && (Path(`/rtl`) || PathPrefix(`/rtl/`))
volumes: volumes:
- "clightning_bitcoin_datadir:/root/.lightning" - "clightning_bitcoin_datadir:/root/.lightning"
- "bitcoin_datadir:/etc/bitcoin" - "bitcoin_datadir:/etc/bitcoin"

7
docker-compose-generator/docker-fragments/bitcoin-eclair.yml
View File

@@ -31,8 +31,8 @@ services:
-Declair.bitcoind.zmqblock=tcp://bitcoind:28334 -Declair.bitcoind.zmqblock=tcp://bitcoind:28334
-Declair.bitcoind.zmqtx=tcp://bitcoind:28333 -Declair.bitcoind.zmqtx=tcp://bitcoind:28333
expose: expose:
- "9735" # server port - "9735" # server port
- "8080" # api port - "8080" # api port
volumes: volumes:
- "bitcoin_datadir:/etc/bitcoin" - "bitcoin_datadir:/etc/bitcoin"
- "eclair_bitcoin_datadir:/data" - "eclair_bitcoin_datadir:/data"
@@ -56,6 +56,9 @@ services:
- "eclair_bitcoin_rtl_datadir:/data" - "eclair_bitcoin_rtl_datadir:/data"
expose: expose:
- "3000" - "3000"
labels:
traefik.enable: true
traefik.http.routers.bitcoin_rtl.rule: Host(`${BTCPAY_HOST}`) && (Path(`/rtl`) || PathPrefix(`/rtl/`))
links: links:
- eclair_bitcoin - eclair_bitcoin

3
docker-compose-generator/docker-fragments/bitcoin-lnd.yml
View File

@@ -66,6 +66,9 @@ services:
- "lnd_bitcoin_rtl_datadir:/data" - "lnd_bitcoin_rtl_datadir:/data"
expose: expose:
- "3000" - "3000"
labels:
traefik.enable: true
traefik.http.routers.bitcoin_rtl.rule: Host(`${BTCPAY_HOST}`) && (Path(`/rtl`) || PathPrefix(`/rtl/`))
links: links:
- lnd_bitcoin - lnd_bitcoin

5
docker-compose-generator/docker-fragments/btcpayserver.yml
View File

@@ -1,7 +1,6 @@
version: "3" version: "3"
services: services:
btcpayserver: btcpayserver:
restart: unless-stopped restart: unless-stopped
image: ${BTCPAY_IMAGE:-btcpayserver/btcpayserver:1.5.4$<BTCPAY_BUILD_CONFIGURATION>?} image: ${BTCPAY_IMAGE:-btcpayserver/btcpayserver:1.5.4$<BTCPAY_BUILD_CONFIGURATION>?}
@@ -21,6 +20,10 @@ services:
BTCPAY_DEBUGLOG: btcpay.log BTCPAY_DEBUGLOG: btcpay.log
BTCPAY_UPDATEURL: https://api.github.com/repos/btcpayserver/btcpayserver/releases/latest BTCPAY_UPDATEURL: https://api.github.com/repos/btcpayserver/btcpayserver/releases/latest
BTCPAY_DOCKERDEPLOYMENT: "true" BTCPAY_DOCKERDEPLOYMENT: "true"
labels:
traefik.enable: true
traefik.http.routers.btcpayserver.rule: Host(`${BTCPAY_HOST}`)
# Traefic can not accept list from BTCPAY_ADDITIONAL_HOSTS, see Traefik/README.md
links: links:
- postgres - postgres
volumes: volumes:

3
docker-compose-generator/docker-fragments/opt-add-btctransmuter.yml
View File

@@ -21,6 +21,9 @@ services:
VIRTUAL_HOST: ${BTCTRANSMUTER_HOST} VIRTUAL_HOST: ${BTCTRANSMUTER_HOST}
VIRTUAL_HOST_NAME: "btctransmuter" VIRTUAL_HOST_NAME: "btctransmuter"
TRANSMUTER_BTCPayAuthServer: "http://btcpayserver:49392" TRANSMUTER_BTCPayAuthServer: "http://btcpayserver:49392"
labels:
traefik.enable: true
traefik.http.routers.btctransmuter.rule: Host(`${BTCPAY_HOST}`) && (Path(`/btctransmuter`) || PathPrefix(`/btctransmuter/`))
expose: expose:
- "80" - "80"
links: links:

3
docker-compose-generator/docker-fragments/opt-add-thunderhub.yml
View File

@@ -19,6 +19,9 @@ services:
NO_CLIENT_ACCOUNTS: "true" NO_CLIENT_ACCOUNTS: "true"
LOG_LEVEL: debug LOG_LEVEL: debug
LOGOUT_URL: "/server/services/thunderhub/BTC" LOGOUT_URL: "/server/services/thunderhub/BTC"
labels:
traefik.enable: true
traefik.http.routers.bitcoin_thub.rule: Host(`${BTCPAY_HOST}`) && (Path(`/thub`) || PathPrefix(`/thub/`))
volumes: volumes:
- "lnd_bitcoin_datadir:/etc/lnd" - "lnd_bitcoin_datadir:/etc/lnd"
- "lnd_bitcoin_thub_datadir:/data" - "lnd_bitcoin_thub_datadir:/data"

12
docker-compose-generator/docker-fragments/traefik-labels.yml
View File

@@ -1,12 +0,0 @@
version: "3"
services:
btcpayserver:
labels:
- "traefik.backend=btcpayserver"
- "traefik.backend.loadbalancer.sticky=true"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${BTCPAY_HOST}"
- "traefik.port.rule=49392"
- "traefik.acme.domains=${BTCPAY_HOST},www.${BTCPAY_HOST}"
- "traefik.acme.email=${LETSENCRYPT_EMAIL}"

14
docker-compose-generator/docker-fragments/traefik.yml
View File

@@ -3,23 +3,19 @@ version: "3"
services: services:
traefik: traefik:
restart: unless-stopped restart: unless-stopped
image: traefik image: traefik:v2.6
container_name: traefik container_name: traefik
ports: ports:
- "${REVERSEPROXY_HTTP_PORT:-80}:80" - "${REVERSEPROXY_HTTP_PORT:-80}:80"
- "${REVERSEPROXY_HTTPS_PORT:-443}:443" - "${REVERSEPROXY_HTTPS_PORT:-443}:443"
- "8080:8080" # Dashboard, enable for debug only
volumes: volumes:
- "/var/run/docker.sock:/var/run/docker.sock" - "/var/run/docker.sock:/var/run/docker.sock"
- "./traefik.toml:/traefik.toml" - "../Traefik/traefik.yml:/traefik.yml"
- "./acme.json:/acme.json:ro" - "traefik_data:/data"
- "./servers.toml:/servers.toml"
- "./traefik_logs:/traefik_logs"
links:
- btcpayserver
volumes: volumes:
traefik_logs: traefik_data:
exclusive: exclusive:
- proxy - proxy