version: '3.7' services: ################################################ #### Traefik Proxy Setup ##### ############################################### traefik: image: traefik:v2.2.1 restart: always container_name: traefik ports: - '80:80' # <== http - '443:443' # <== https command: #### Traefik CLI commands to configure Traefik! #### ## API Settings - https://docs.traefik.io/operations/api/, endpoints - https://docs.traefik.io/operations/api/#endpoints ## - --api.insecure=false # <== DisEnabling insecure api. Default is ture. - --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc... - --api.debug=true # <== Enabling additional endpoints for debugging and profiling ## Log Settings (options: ERROR, DEBUG, PANIC, FATAL, WARN, INFO) - https://docs.traefik.io/observability/logs/ ## - --log.level=DEBUG # <== Setting the level of the logs from traefik ## Provider Settings - https://docs.traefik.io/providers/docker/#provider-configuration ## - --providers.docker=true # <== Enabling docker as the provider for traefik - --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik, only expose enabled ones ## Entrypoints Settings - https://docs.traefik.io/routing/entrypoints/#configuration ## - --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web - --entrypoints.web-secured.address=:443 # <== Defining an entrypoint for https on port :443 named web-secured ## Certificate Settings (Let's Encrypt) - https://docs.traefik.io/https/acme/#configuration-examples ## - --certificatesresolvers.mytlschallenge.acme.tlschallenge=true # <== Enable TLS-ALPN-01 to generate and renew ACME certs - --certificatesresolvers.mytlschallenge.acme.email=${ACME_EMAIL} # <== Setting email for certs - --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json # <== Defining acme file to store cert information volumes: - ./conf/traefik/letsencrypt:/letsencrypt # <== Volume for certs (TLS) - /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin. Don't change it! labels: #### Labels define the behavior and rules of the traefik proxy for this container #### traefik.enable: true # <== Enable traefik on itself to view dashboard and assign subdomain to view it #redirecting ALL HTTP to HTTPS traefik.http.routers.http_catchall.rule: hostregexp(`{host:.*}`) traefik.http.routers.http_catchall.entryPoints: web traefik.http.routers.http_catchall.middlewares: redirect_https # <== apply redirect_https middleware which is defined in the below #dashboard traefik.http.routers.traefik.rule: Host(`traefik.${APP_DOMAIN}`) # <== Setting the domain for the dashboard traefik.http.routers.traefik.entryPoints: web-secured traefik.http.routers.traefik.tls: true traefik.http.routers.traefik.tls.certresolver: mytlschallenge traefik.http.routers.traefik.service: api@internal #to define middlewares traefik.http.middlewares.redirect_https.redirectscheme.scheme: https # <== define a https redirection middleware ################################################ #### v2ray server container ##### ############################################## v2ray: image: alphacodinghub/v2ray-nginx ports: - ${LISTENING_PORT:-3003} container_name: v2ray restart: always environment: LISTENING_PORT: ${LISTENING_PORT:-3003} CLIENT_ID: ${CLIENT_ID:-2e5762cc-20d2-42b1-b0ad-cbe55dc5fa35} CLIENT_ALTERID: ${CLIENT_ALTERID:-64} CLIENT_WSPATH: ${CLIENT_WSPATH:-/allproducts} volumes: - ./conf/html:/var/www/html labels: #### Labels define the behavior and rules of the traefik proxy for this container #### traefik.enable: true # <== Enable traefik to proxy this container traefik.http.routers.v2ray.rule: Host(`${APP_NAME}.${APP_DOMAIN}`) # && PathPrefix(`${CLIENT_WSPATH:-/allproducts}`) # <== Your Domain Name for the https rule traefik.http.routers.v2ray.entrypoints: web-secured # <== Defining entrypoint for https, **ref: line 31 traefik.http.routers.v2ray.tls.certresolver: mytlschallenge # <== Defining certsresolvers for https