version: "3.7" services: traefik: image: traefik:v2.9.1 networks: - web command: - --log.level=INFO - --api.dashboard=true - --api.insecure=false - --providers.docker=true - --providers.docker.swarmMode=true - --providers.docker.exposedByDefault=false - --entrypoints.web.address=:80 - --entrypoints.websecure.address=:443 - --certificatesresolvers.mytlschallenge.acme.tlschallenge=true - --certificatesresolvers.mytlschallenge.acme.email=${TRAEFIK_ACME_MAIL} - --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json ports: - "80:80" - "443:443" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - traefik_certs:/letsencrypt deploy: labels: - traefik.enable=true - traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN}`) - traefik.http.routers.traefik.service=api@internal - traefik.http.routers.traefik.entrypoints=websecure - traefik.http.routers.traefik.tls.certresolver=mytlschallenge placement: constraints: - node.role==manager restart_policy: condition: on-failure ocis: image: owncloud/ocis:${OCIS_DOCKER_TAG} networks: - web environment: OCIS_URL: https://${OCIS_DOMAIN} OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL} OCIS_LOG_COLOR: ${OCIS_LOG_COLOR} PROXY_TLS: "false" SETTINGS_GRPC_ADDR: 0.0.0.0:9191 OCIS_INSECURE: ${OCIS_INSECURE} PROXY_ENABLE_BASIC_AUTH: ${PROXY_ENABLE_BASIC_AUTH} IDM_ADMIN_PASSWORD: ${ADMIN_PASSWORD} IDM_CREATE_DEMO_USERS: ${DEMO_USERS} volumes: - ./config/ocis:/etc/ocis - ocis_data:/var/lib/ocis deploy: labels: - traefik.enable=true - traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN}`) - traefik.http.routers.ocis.entrypoints=websecure - traefik.http.routers.ocis.tls.certresolver=mytlschallenge restart_policy: condition: on-failure networks: web: external: true volumes: traefik_certs: ocis_data: