traefik yaml
name: traefik
services:
traefik:
command:
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.http.address=:80
- --entrypoints.https.address=:443
- --certificatesresolvers.le.acme.email=myemail@gmail.com
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
- --certificatesresolvers.le.acme.tlschallenge=true
- --accesslog
- --log
- --api
image: traefik:v2.11
labels:
traefik.docker.network: traefik-public
traefik.enable: "true"
traefik.http.middlewares.admin-auth.basicauth.users: admin:$$apr1$$dAsnSe4J$$SYlxvygBquIcgLExt6hnY0
traefik.http.middlewares.https-redirect.redirectscheme.permanent: "true"
traefik.http.middlewares.https-redirect.redirectscheme.scheme: https
traefik.http.routers.traefik-public-http.entrypoints: http
traefik.http.routers.traefik-public-http.middlewares: https-redirect
traefik.http.routers.traefik-public-http.rule: Host(`traefik.site1.in`)
traefik.http.routers.traefik-public-http.service: api@internal
traefik.http.routers.traefik-public-https.entrypoints: https
traefik.http.routers.traefik-public-https.middlewares: admin-auth
traefik.http.routers.traefik-public-https.rule: Host(`traefik.site1.in`)
traefik.http.routers.traefik-public-https.service: api@internal
traefik.http.routers.traefik-public-https.tls: "true"
traefik.http.routers.traefik-public-https.tls.certresolver: le
traefik.http.services.traefik-public.loadbalancer.server.port: "8080"
networks:
traefik-public: null
ports:
- mode: ingress
target: 80
published: "80"
protocol: tcp
- mode: ingress
target: 443
published: "443"
protocol: tcp
restart: unless-stopped
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
read_only: true
bind:
create_host_path: true
- type: volume
source: cert-data
target: /certificates
volume: {}
networks:
traefik-public:
name: traefik-public
volumes:
cert-data:
name: traefik_cert-data
ERP next yaml
name: erpnext-one
services:
backend:
depends_on:
configurator:
condition: service_completed_successfully
required: true
image: user/repo:1.0.0
networks:
bench-network: null
mariadb-network: null
platform: linux/amd64
pull_policy: always
volumes:
- type: volume
source: sites
target: /home/frappe/frappe-bench/sites
volume: {}
configurator:
command:
- |
ls -1 apps > sites/apps.txt; bench set-config -g db_host $$DB_HOST; bench set-config -gp db_port $$DB_PORT; bench set-config -g redis_cache "redis://$$REDIS_CACHE"; bench set-config -g redis_queue "redis://$$REDIS_QUEUE"; bench set-config -g redis_socketio "redis://$$REDIS_QUEUE"; bench set-config -gp socketio_port $$SOCKETIO_PORT;
depends_on:
redis-cache:
condition: service_started
required: true
redis-queue:
condition: service_started
required: true
entrypoint:
- bash
- -c
environment:
DB_HOST: mariadb-database
DB_PORT: "3306"
REDIS_CACHE: redis-cache:6379
REDIS_QUEUE: redis-queue:6379
SOCKETIO_PORT: "9000"
image: user/repo:1.0.0
networks:
bench-network: null
mariadb-network: null
platform: linux/amd64
pull_policy: always
volumes:
- type: volume
source: sites
target: /home/frappe/frappe-bench/sites
volume: {}
frontend:
command:
- nginx-entrypoint.sh
depends_on:
backend:
condition: service_started
required: true
websocket:
condition: service_started
required: true
environment:
BACKEND: backend:8000
CLIENT_MAX_BODY_SIZE: 50m
FRAPPE_SITE_NAME_HEADER: $$host
PROXY_READ_TIMEOUT: "120"
SOCKETIO: websocket:9000
UPSTREAM_REAL_IP_ADDRESS: 127.0.0.1
UPSTREAM_REAL_IP_HEADER: X-Forwarded-For
UPSTREAM_REAL_IP_RECURSIVE: "off"
image: user/repo:1.0.0
labels:
traefik.docker.network: traefik-public
traefik.enable: "true"
traefik.http.routers.erpnext-one-http.entrypoints: http
traefik.http.routers.erpnext-one-http.middlewares: https-redirect
traefik.http.routers.erpnext-one-http.rule: Host(`erp.site1.in`,`erp.site2.com`)
traefik.http.routers.erpnext-one-http.service: erpnext-one
traefik.http.routers.erpnext-one-https.entrypoints: https
traefik.http.routers.erpnext-one-https.rule: Host(`erp.site1.in`,`erp.site2.com`)
traefik.http.routers.erpnext-one-https.service: erpnext-one
traefik.http.routers.erpnext-one-https.tls: "true"
traefik.http.routers.erpnext-one-https.tls.certresolver: le
traefik.http.services.erpnext-one.loadbalancer.server.port: "8080"
networks:
bench-network: null
traefik-public: null
platform: linux/amd64
pull_policy: always
volumes:
- type: volume
source: sites
target: /home/frappe/frappe-bench/sites
volume: {}
queue-long:
command:
- bench
- worker
- --queue
- long,default,short
depends_on:
configurator:
condition: service_completed_successfully
required: true
image: user/repo:1.0.0
networks:
bench-network: null
mariadb-network: null
platform: linux/amd64
pull_policy: always
volumes:
- type: volume
source: sites
target: /home/frappe/frappe-bench/sites
volume: {}
queue-short:
command:
- bench
- worker
- --queue
- short,default
depends_on:
configurator:
condition: service_completed_successfully
required: true
image: user/repo:1.0.0
networks:
bench-network: null
mariadb-network: null
platform: linux/amd64
pull_policy: always
volumes:
- type: volume
source: sites
target: /home/frappe/frappe-bench/sites
volume: {}
redis-cache:
image: redis:6.2-alpine
networks:
bench-network: null
mariadb-network: null
volumes:
- type: volume
source: redis-cache-data
target: /data
volume: {}
redis-queue:
image: redis:6.2-alpine
networks:
bench-network: null
mariadb-network: null
volumes:
- type: volume
source: redis-queue-data
target: /data
volume: {}
scheduler:
command:
- bench
- schedule
depends_on:
configurator:
condition: service_completed_successfully
required: true
image: user/repo:1.0.0
networks:
bench-network: null
mariadb-network: null
platform: linux/amd64
pull_policy: always
volumes:
- type: volume
source: sites
target: /home/frappe/frappe-bench/sites
volume: {}
websocket:
command:
- node
- /home/frappe/frappe-bench/apps/frappe/socketio.js
depends_on:
configurator:
condition: service_completed_successfully
required: true
image: user/repo:1.0.0
networks:
bench-network: null
mariadb-network: null
platform: linux/amd64
pull_policy: always
volumes:
- type: volume
source: sites
target: /home/frappe/frappe-bench/sites
volume: {}
networks:
bench-network:
name: erpnext-one
mariadb-network:
name: mariadb-network
external: true
traefik-public:
name: traefik-public
external: true
volumes:
redis-cache-data:
name: erpnext-one_redis-cache-data
redis-queue-data:
name: erpnext-one_redis-queue-data
sites:
name: erpnext-one_sites
x-backend-defaults:
depends_on:
configurator:
condition: service_completed_successfully
image: user/repo:1.0.0
pull_policy: always
volumes:
- sites:/home/frappe/frappe-bench/sites
x-customizable-image:
image: user/repo:1.0.0
pull_policy: always
x-depends-on-configurator:
depends_on:
configurator:
condition: service_completed_successfully
traefik error
Unable to obtain ACME certificate for domains \"traefik.site1.in\": unable to generate a certificate for the domains [traefik.site1.in]: error: one or more domains had a problem:\n[traefik.site1.in] acme: error: 400 :: urn:ietf:params:acme:error:connection :: my_ip_X.X.X.X: Timeout during connect (likely firewall problem)\n" rule="Host(`traefik.site1.in`)" providerName=le.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=traefik-public-https@docker
time="2024-12-08T09:23:44Z" level=error msg="Unable to obtain ACME certificate for domains \"traefik.site1.in\": unable to generate a certificate for the domains [traefik.site1.in]: error: one or more domains had a problem:\n[traefik.site1.in] acme: error: 400 :: urn:ietf:params:acme:error:connection :: my_ip_X.X.X.X: Timeout during connect (likely firewall problem)\n" rule="Host(`traefik.site1.in`)" routerName=traefik-public-https@docker providerName=le.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory"
time="2024-12-08T09:23:45Z" level=error msg="Unable to obtain ACME certificate for domains \"erp.site1.in,erp.site2.com\": unable to generate a certificate for the domains [erp.site1.in erp.site2.com]: error: one or more domains had a problem:\n[erp.site2.com] acme: error: 400 :: urn:ietf:params:acme:error:connection :: my_ip_X.X.X.X: Timeout during connect (likely firewall problem)\n[erp.site1.in] acme: error: 400 :: urn:ietf:params:acme:error:connection :: my_ip_X.X.X.X: Timeout during connect (likely firewall problem)\n" rule="Host(`erp.site1.in`,`erp.site2.com`)" providerName=le.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=erpnext-one-https@docker