From 6054b96d9b02ab8c18100984f0570c328c2904a2 Mon Sep 17 00:00:00 2001
From: Jenniferplusplus
Date: Sun, 12 Nov 2023 15:27:50 -0600
Subject: configure traefik and smallstep
---
 docker-compose.yml | 38 ++++++++++++++++++++++++++------------
 1 file changed, 26 insertions(+), 12 deletions(-)
(limited to 'docker-compose.yml')
diff --git a/docker-compose.yml b/docker-compose.yml
index 043bc52..cf641da 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -8,28 +8,42 @@ services:
 - './volumes/root-ca:/home/step'
 environment:
 - DOCKER_STEPCA_INIT_NAME=Letterbook Sandcastles
- - DOCKER_STEPCA_INIT_DNS_NAMES=localhost,root-ca
+ - DOCKER_STEPCA_INIT_DNS_NAMES=root-ca.castle,root-ca,localhost
 - DOCKER_STEPCA_INIT_REMOTE_MANAGEMENT=true
 ports:
 - "9000:9000"
+ networks:
+ default:
+ aliases:
+ - root-ca.castle
 proxy:
- # Replace with traefik
- image: busybox:1.36
- command: '/bin/sh -c "trap : TERM INT; sleep infinity & wait"'
+ image: traefik:v2.5
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - ./volumes/proxy/:/etc/traefik/
+ ports:
+ - '80:80'
+ - '443:443'
 networks:
 default:
- fediverse:
 aliases:
- - mastodon.castle
- - firefish.castle
- - letterbook.castle
+ - dashboard.castle # the traefik monitoring dashboard
+ - host.castle # proxy to a service running on the docker host
- client:
- image: busybox:1.36
- networks:
- - fediverse
+ fingerprint: # get the fingerprint of the CA root certificate, so you can add it to system trust stores
+ profiles:
+ - trust
+ image: smallstep/step-cli:0.25.0
+ volumes:
+ - './volumes/root-ca/certs:/home/step/certs:ro'
+ command:
+ - step
+ - certificate
+ - fingerprint
+ - /home/step/certs/root_ca.crt
 networks:
+ default:
 fediverse:
\ No newline at end of file
-- cgit v1.2.3
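Review bot: The new `proxy` service bind-mounts `/var/run/docker.sock` read-write into the Traefik container, which is also the service published on host ports 80 and 443; any process that can use that socket from inside the container has root-equivalent control of the host's Docker daemon. At minimum mount it as `- /var/run/docker.sock:/var/run/docker.sock:ro`, bearing in mind that a read-only mount does not limit which Docker API calls can be made, so a filtering socket proxy that exposes only the read endpoints Traefik needs (presumably for its Docker provider; the Traefik config is not in this hunk) is the stronger option. Because this looks like a local sandbox, publishing on loopback only, e.g. `- '127.0.0.1:80:80'` and `- '127.0.0.1:443:443'`, would keep the proxy off the LAN; the same applies to the existing `"9000:9000"` mapping of the CA, which runs with `DOCKER_STEPCA_INIT_REMOTE_MANAGEMENT=true`. A one-line comment above the socket mount saying why it is required would also help the next reader.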