marvinblum/docker-compose.yml

version: "3"

services:
  traefik:
    image: "traefik:v2.2"
    container_name: traefik
    restart: always
    networks:
      - traefik-internal
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=marvinblum_traefik-internal"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.tls-resolver.acme.httpchallenge=true"
      - "--certificatesresolvers.tls-resolver.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.tls-resolver.acme.email=marvin@marvinblum.de"
      - "--certificatesresolvers.tls-resolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /root/marvinblum/letsencrypt:/letsencrypt
    labels:
      - "traefik.enable=true"
      # Global redirection: http to https
      - 'traefik.http.routers.http-catchall.rule=HostRegexp(`{host:(www\.)?.+}`)'
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=wwwtohttps"
      # Global redirection: https (www.) to https
      - 'traefik.http.routers.wwwsecure-catchall.rule=HostRegexp(`{host:(www\.).+}`)'
      - "traefik.http.routers.wwwsecure-catchall.entrypoints=websecure"
      - "traefik.http.routers.wwwsecure-catchall.tls=true"
      - "traefik.http.routers.wwwsecure-catchall.middlewares=wwwtohttps"
      # middleware: http(s)://(www.) to  https://
      - 'traefik.http.middlewares.wwwtohttps.redirectregex.regex=^https?://(?:www\.)?(.+)'
      - 'traefik.http.middlewares.wwwtohttps.redirectregex.replacement=https://$${1}'
      - 'traefik.http.middlewares.wwwtohttps.redirectregex.permanent=true'
  marvinblum:
    image: kugel/marvinblum
    container_name: marvinblum
    restart: always
    depends_on:
      - traefik
    networks:
      - postgres_db-internal
      - traefik-internal
    env_file:
      - secrets.env
    environment:
      MB_EMVI_CLIENT_ID: 3fBBn144yvSF9R3dPC8l
      MB_EMVI_ORGA: marvin
      MB_DB_HOST: postgres
    labels:
      - "traefik.enable=true"
      - "traefik.port=8888"
      - "traefik.http.routers.schnittfest.rule=Host(`marvinblum.de`) || Host(`www.marvinblum.de`)"
      - "traefik.http.routers.schnittfest.entrypoints=websecure"
      - "traefik.http.routers.schnittfest.tls=true"
      - "traefik.http.routers.schnittfest.tls.certresolver=tls-resolver"

networks:
  traefik-internal:
    driver: bridge
  postgres_db-internal:
    external: true