Notice
Recent Posts
Recent Comments
Link
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
Tags
- ebs 녹음
- traefik2
- wrt54g
- webmin
- Nas
- 마클미러
- webdav
- 골프 스윙
- 바디스윙
- 모하비
- BCM94352Z
- h6000ii
- EBS
- uboot
- macvlan
- parallel to usb
- debian9
- pihole
- iomega
- openmediavault
- nginx
- tm-ac1900
- Stretch
- proftpd
- omv5
- omv
- SAMBA
- 커널 5.13.8
- AC68U
- 나인봇 미니 충전
Archives
- Today
- Total
해피 투게더
omv5 에서 traefik2 설정하기 본문
traefik2 리다이렉트, 리버즈 프록시 설정.
추가부분은 dynamic-conf.yml 부분만 수정이 필요.
폴더 구조
traefik2 아래 config, log 폴더 와 traefik.yml
config 폴더아래 acme.json, dynamic-conf.yml
포테이너 스택에 아래를 넣고 디플로이, 설정파일 위치는 적당히.
portainer stack
version: "2"
services:
traefik:
image: traefik:latest
container_name: traefik
volumes:
- /srv/dev-disk-by-id-ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M5NLPC0L-part2/hd1/docker/traefik2/traefik.yml:/etc/traefik/traefik.yml
- /srv/dev-disk-by-id-ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M5NLPC0L-part2/hd1/docker/traefik2/config:/config
- /srv/dev-disk-by-id-ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M5NLPC0L-part2/hd1/docker/traefik2/config/acme.json:/acme.json
- /srv/dev-disk-by-id-ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M5NLPC0L-part2/hd1/docker/traefik2/log:/log
- /var/run/docker.sock:/var/run/docker.sock # traefik이 docker event를 listen하게 합니다.
ports:
- 8880:80
- 8443:443
- 8080:8080
restart: unless-stopped
traefik.yml duckdns 도메인, 렛츠인크립트용 이메일 주소만 바꿔주세요.
## traefik.yml
entryPoints:
http:
address: ":80"
http:
redirections:
entrypoint:
to: https
https:
address: ":443"
# Docker configuration backend
providers:
docker:
exposedByDefault: false
defaultRule: "Host(`{{ trimPrefix `/` .Name }}.domain.duckdns.org`)"
file:
filename: "/config/dynamic-conf.yml"
watch: true
# API and dashboard configuration
api:
insecure: true
certificatesResolvers:
letsencrypt:
acme:
# used during the challenge
httpChallenge:
entryPoint: http
email: "email@gmail.com"
storage: "/config/acme.json"
log:
filePath: "log/traefik.log"
level: WARN
accessLog:
filePath: "log/access.log"
bufferingSize: 100
dynamic-conf.yml 는 router 설정 참고.
http:
routers:
to-webfolder:
rule: "(Host(`domain.duckdns.org`) && Path(`/sub`)) || Host(`sub.domain.duckdns.org`)"
tls:
certResolver: letsencrypt
service: webfolder
services:
webfolder:
loadBalancer:
servers:
- url: "http://192.168.2.107:2020"
tls:
options:
default:
minVersion: VersionTLS13
mintls12:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
인증서는 잘 생성되는데 torrssen2 의 경우는 안전하지 않다고 나오는데 이유를 잘 모르겠음.
