###前言 昨晚閒得無聊睡不著覺，拿起伺服器嘗試部署了一下Docker + Traefik v2.1.6 ，以下是一些配置的總結，初次接觸，大佬勿噴。 我的系統環境是 Ubuntu 18.04.3 LTS ###一、Docker 和 Docker Compose 安裝 *懶人使用一鍵指令碼* **1.Docker 安裝** ```bash curl -sSL https://get.daocloud.io/docker | sh ``` 安裝後將會自動重啟。 **2.Docker Compose 安裝** ```bash curl -L https://github.com/docker/compose/releases/download/1.25.4/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose chmod +x /usr/local/bin/docker-compose ``` 可自行前往Github 檢視最新版本 [Releases · docker/compose](https://github.com/docker/compose/releases "Releases · docker/compose") Docker以及Docker Compose簡單介紹使用傳送門：[docker 及 docker-compose 的快速安裝和簡單使用](https://www.cnblogs.com/morang/p/9501223.html "docker 及 docker-compose 的快速安裝和簡單使用") ###二、使用Docker Compose快速安裝Traefik v2.1.6 **1.建立traefik目錄，新建docker-compose.yml檔案 以下是我的配置，僅供參考** ```bash vim docker-compose.yml ``` ```yaml version: "3.7" services: dykimy_traefik: restart: always image: traefik:v2.1.6 container_name: dykimy_traefik command: - "--api.insecure=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" # 入口點資訊 其中 http & https 可以自己定義名稱 在routers entrypoints中會用到 - "--entrypoints.http.address=:80" - "--entrypoints.https.address=:443" # ACME資訊 - "--certificatesresolvers.dykimy.acme.httpchallenge=true" - "--certificatesresolvers.dykimy.acme.httpchallenge.entrypoint=http" - "--certificatesresolvers.dykimy.acme.email=${AcmeEmail}" - "--certificatesresolvers.dykimy.acme.storage=/letsencrypt/acme.json" networks: - webgateway ports: - "80:80" - "443:443" volumes: - "./letsencrypt:/letsencrypt" - "/var/run/docker.sock:/var/run/docker.sock:ro" - "/etc/timezone:/etc/timezone" - "/etc/localtime:/etc/localtime" labels: - "traefik.enable=true" # Traefik儀表板相關配置 - "traefik.http.routers.dykimy_traefik.rule=Host(`${TraefikDomain}`)" - "traefik.http.routers.dykimy_traefik.tls.certresolver=dykimy" - "traefik.http.routers.dykimy_traefik.entrypoints=https" - "traefik.http.routers.dykimy_traefik.middlewares=authtraefik" - "traefik.http.services.dykimy_traefik.loadbalancer.server.port=8080" - "traefik.http.middlewares.authtraefik.basicauth.users=${TraefikUsers}" # 全域性重定向到HTTPS - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" - "traefik.http.routers.http-catchall.entrypoints=http" - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" # 重定向中介軟體 - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" networks: webgateway: external: # 請先自行建立網路 docker network create dykimy_gateway 名字自己定義 name: dykimy_gateway ``` ```bash vim .env ``` ```ini [email protected] TraefikDomain=traefik.yourdomain.com TraefikUsers=user:$apr1$7u80L7XB$Oqh/UiL5EjWr94lSkULKl0,user2:$apr1$U.eJNqst$DeuE7JjXgbiqP9g2nUq18/ ``` ```bash #使用者可以設定多個，生成htpasswd使用如下shell獲取。 echo $(htpasswd -nb user password) #user:$apr1$7u80L7XB$Oqh/UiL5EjWr94lSkULKl0 #如果需要直接解除安裝yml中，因為有$符號需要轉移。 echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g #user:$$apr1$$i88wLyi0$$/2dB/ShipkdrTZpnDjcpo0 ``` yml中的寫法 ```yaml labels: - "traefik.http.middlewares.test-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0" ``` **2.拉取映象，啟動容器** ```bash docker-compose up -d ``` 訪問 traefik.yourdomain.com 就可以看到Traefik 的介面啦，下面附送兩張圖片，Traefik V2的UI是真的好看。   **3.其他站點如何配置？** 我以一個whoami的示例給大家舉例 ```bash vim docker-compose.yml ``` ```yaml version: "3.7" services: whoami: restart: always image: containous/whoami container_name: whoami labels: - "traefik.enable=true" - "traefik.http.routers.whoami.rule=Host(`whoami.yourdomain.com`)" - "traefik.http.routers.whoami.entrypoints=https" # 這裡的dykimy 填寫上面的ACME你定義的節點名稱 - "traefik.http.routers.whoami.tls.certresolver=dykimy" networks: - webgateway networks: webgateway: external: name: dykimy_gateway ``` 啟動容器 ```bash docker-compose up -d ``` 訪問`whoami.yourdomain.com`就可以看到效果了 **4.不帶www轉到www** 我搜索了中文結果，英文結果，都沒有找到traefik v2 設定不帶www跳轉www的方法，然後發現老外的需求都是帶www跳轉到不帶www，哈哈，然後自己寫了一個，僅供參考。 在 traefik 目錄的 `docker-compose.yml` 下的 `labels` 節點，增加如下配置： ```yaml - "traefik.http.middlewares.https-force-www.redirectregex.regex=^https://([^www](?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9])(.+)" - "traefik.http.middlewares.https-force-www.redirectregex.replacement=https://www.$${1}$${2}" - "traefik.http.middlewares.https-force-www.redirectregex.permanent=true" ``` 完整檔案內容 ```yaml version: "3.7" services: dykimy_traefik: restart: always image: traefik:v2.1.6 container_name: dykimy_traefik command: - "--api.insecure=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" # 入口點資訊 其中 http & https 可以自己定義名稱 在routers entrypoints中會用到 - "--entrypoints.http.address=:80" - "--entrypoints.https.address=:443" # ACME資訊 - "--certificatesresolvers.dykimy.acme.httpchallenge=true" - "--certificatesresolvers.dykimy.acme.httpchallenge.entrypoint=http" - "--certificatesresolvers.dykimy.acme.email=${AcmeEmail}" - "--certificatesresolvers.dykimy.acme.storage=/letsencrypt/acme.json" networks: - webgateway ports: - "80:80" - "443:443" volumes: - "./letsencrypt:/letsencrypt" - "/var/run/docker.sock:/var/run/docker.sock:ro" - "/etc/timezone:/etc/timezone" - "/etc/localtime:/etc/localtime" labels: - "traefik.enable=true" # Traefik儀表板相關配置 - "traefik.http.routers.dykimy_traefik.rule=Host(`${TraefikDomain}`)" - "traefik.http.routers.dykimy_traefik.tls.certresolver=dykimy" - "traefik.http.routers.dykimy_traefik.entrypoints=https" - "traefik.http.routers.dykimy_traefik.middlewares=authtraefik" - "traefik.http.services.dykimy_traefik.loadbalancer.server.port=8080" - "traefik.http.middlewares.authtraefik.basicauth.users=${TraefikUsers}" # 全域性重定向到HTTPS - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" - "traefik.http.routers.http-catchall.entrypoints=http" - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" # 重定向中介軟體 - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" # 全域性重定向https請求不帶www到www中介軟體 - "traefik.http.middlewares.https-force-www.redirectregex.regex=^https://([^www](?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9])(.+)" - "traefik.http.middlewares.https-force-www.redirectregex.replacement=https://www.$${1}$${2}" - "traefik.http.middlewares.https-force-www.redirectregex.permanent=true" networks: webgateway: external: # 請先自行建立網路 docker network create dykimy_gateway 名字自己定義 name: dykimy_gateway ``` 對應修改站點下的docker-compose.yml為： ```yaml version: "3.7" services: whoami: restart: always image: containous/whoami container_name: whoami labels: - "traefik.enable=true" # 注意這裡增加了www字首 - "traefik.http.routers.whoami.rule=Host(`whoami.yourdomain.com`,`www.whoami.yourdomain.com`)" - "traefik.http.routers.whoami.entrypoints=https" # 這裡的dykimy 填寫上面的ACME你定義的節點名稱 - "traefik.http.routers.whoami.tls.certresolver=dykimy" # 使用咱們全域性定義的https-force-www中介軟體 - "traefik.http.routers.whoami.middlewares=https-force-www" networks: - webgateway networks: webgateway: external: name: dykimy_gateway ``` 好了，大功告成，一寫部落格就去了幾個小時，哈哈哈，如果本文幫到您，請大家多多支援，如有不足之處，請指出，感謝您的閱讀。 本文版權歸 [Dykimy](https://www.cnblogs.com/Dykimy/ "Dykimy") 和 [部落格園](https://www.cnblogs.com/ "部落格園") 共有，歡迎轉載，如未經作者允許，轉載需保留此段宣告，並在文章顯眼處註明出處，否則保留追究法律責任的權利。