首頁 探索 說明
登入
LBP
/
FressRSS
镜像来自 https://github.com/FreshRSS/FreshRSS.git
4
0
複刻 0
Files 問題管理 0 Wiki
目錄樹: 1.24.3
分支列表 標籤列表
FressRSS
/
Docker
/
freshrss
/
docker-compose-proxy.yml

docker-compose-proxy.yml 2.3 KB
永久連結 文件歷史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 
  1. version: "2.4"
    2. 

  2. 

  3. volumes:
    4. 

  4.   traefik-letsencrypt:
    5. 

  5.   traefik-tmp:
    6. 

  6. 

  7. services:
    8. 

  8. 

  9.   traefik:
    10. 

  10.     image: traefik:3.0
    11. 

  11.     container_name: traefik
    12. 

  12.     restart: unless-stopped
    13. 

  13.     logging:
    14. 

  14.       options:
    15. 

  15.         max-size: 10m
    16. 

  16.     ports:
    17. 

  17.       - 80:80
    18. 

  18.       - 443:443
    19. 

  19.     volumes:
    20. 

  20.       - /var/run/docker.sock:/var/run/docker.sock:ro
    21. 

  21.       - traefik-tmp:/tmp
    22. 

  22.       - traefik-letsencrypt:/etc/traefik/acme
    23. 

  23.       - ./traefik/tls.yaml:/etc/traefik/tls.yaml:ro
    24. 

  24.     command:
    25. 

  25.       - --global.sendAnonymousUsage
    26. 

  26.       - --accesslog=true
    27. 

  27.       - --api=false
    28. 

  28.       - --providers.docker=true
    29. 

  29.       - --providers.docker.exposedByDefault=false
    30. 

  30.       - --log.level=INFO
    31. 

  31.       - --entryPoints.http.address=:80
    32. 

  32.       - --entryPoints.https.address=:443
    33. 

  33.       - --entryPoints.http.http.redirections.entryPoint.to=https
    34. 

  34.       - --entryPoints.http.http.redirections.entryPoint.scheme=https
    35. 

  35.       - --certificatesResolvers.letsEncrypt.acme.storage=/etc/traefik/acme/acme.json
    36. 

  36.       - --certificatesResolvers.letsEncrypt.acme.email=${ADMIN_EMAIL}
    37. 

  37.       - --certificatesResolvers.letsEncrypt.acme.tlsChallenge=true
    38. 

  38.       - --providers.file.filename=/etc/traefik/tls.yaml
    39. 

  39.     labels:
    40. 

  40.       - traefik.enable=false
    41. 

  41. 

  42.   freshrss:
    43. 

  43.     environment:
    44. 

  44.       TRUSTED_PROXY: 172.16.0.1/12
    45. 

  45.     labels:
    46. 

  46.       - traefik.enable=true
    47. 

  47.       - traefik.http.middlewares.freshrssM1.compress=true
    48. 

  48.       - traefik.http.middlewares.freshrssM2.headers.browserXssFilter=true
    49. 

  49.       - traefik.http.middlewares.freshrssM2.headers.forceSTSHeader=true
    50. 

  50.       - traefik.http.middlewares.freshrssM2.headers.frameDeny=true
    51. 

  51.       - traefik.http.middlewares.freshrssM2.headers.referrerPolicy=no-referrer-when-downgrade
    52. 

  52.       - traefik.http.middlewares.freshrssM2.headers.stsSeconds=31536000
    53. 

  53.       - traefik.http.routers.freshrss.entryPoints=https
    54. 

  54.       - traefik.http.routers.freshrss.tls.certResolver=letsEncrypt
    55. 

  55.       - traefik.http.routers.freshrss.tls=true
    56. 

  56.       ## Option 1: server FreshRSS as sub-domain
    57. 

  57.       - traefik.http.routers.freshrss.middlewares=freshrssM1,freshrssM2
    58. 

  58.       - traefik.http.routers.freshrss.rule=Host(`${SERVER_DNS}`)
    59. 

  59.       ## Option 2: serve FreshRSS as sub-path
    60. 

  60.       # - traefik.http.middlewares.freshrssM3.stripprefix.prefixes=/freshrss
    61. 

  61.       # - traefik.http.routers.freshrss.middlewares=freshrssM1,freshrssM2,freshrssM3
    62. 

  62.       # - traefik.http.routers.freshrss.rule=PathPrefix(`/freshrss`)
    63.