Replace Nginx + Let's Encrypt with Traefik (see docker-compose)

README.md

@@ -24,21 +24,20 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other
 
 ### From docker-compose
 
-* Reverse proxy with [nginx-proxy](https://github.com/jwilder/nginx-proxy)
-* Creation/renewal of Let's Encrypt certificates automatically with [letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion)
+* [Traefik](https://github.com/containous/traefik-library-image) as reverse proxy and creation/renewal of Let's Encrypt certificates
 
 ## Docker
 
 ### Environment variables
 
-* `TZ` : The timezone assigned to the container (default to `UTC`)
+* `TZ` : The timezone assigned to the container (default `UTC`)
 * `JLS_VIRTUAL_HOSTS` : [Virtual hosts](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) where license server will be available (comma delimited for several hosts)
-* `JLS_CONTEXT` :  [Context path](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) used by the license server (default to : `/`)
-* `JLS_ACCESS_CONFIG` : JSON file to configure [user restrictions](https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html) (default to `/data/access-config.json`)
+* `JLS_CONTEXT` :  [Context path](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) used by the license server (default `/`)
+* `JLS_ACCESS_CONFIG` : JSON file to configure [user restrictions](https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html) (default `/data/access-config.json`)
 * `JLS_STATS_RECIPIENTS` : [Reports recipients](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) email addresses for stats (comma delimited)
-* `JLS_REPORT_OUT_OF_LICENSE` : [Warn about lack of licenses](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) every hour following the percentage threshold (default to : `0` = disabled)
+* `JLS_REPORT_OUT_OF_LICENSE` : [Warn about lack of licenses](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) every hour following the percentage threshold (default `0`)
 * `JLS_SMTP_SERVER` : SMTP server host to use for sending [stats](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html) (stats disabled if empty)
-* `JLS_SMTP_PORT` : SMTP server port (default to `25`)
+* `JLS_SMTP_PORT` : SMTP server port (default `25`)
 * `JLS_SMTP_USERNAME` : SMTP username (auth disabled if empty)
 * `JLS_SMTP_PASSWORD` : SMTP password (auth disabled if empty)
 * `JLS_STATS_FROM` : [From address](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) for stats emails
@@ -57,6 +56,8 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other
 Docker compose is the recommended way to run this image. You can use the following [docker compose template](docker/docker-compose.yml), then run the container :
 
 ```bash
+touch acme.json
+chmod 600 acme.json
 docker-compose up -d
 docker-compose logs -f
 ```

docker/docker-compose.yml

@@ -1,41 +1,48 @@
 version: '3'
 
 services:
-  proxy:
-    image: jwilder/nginx-proxy:alpine
-    labels:
-      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true
+  traefik:
+    image: traefik:alpine
+    command:
+      - --logLevel=INFO
+      - --defaultentrypoints=http,https
+      - --entryPoints=Name:http Address::80 Redirect.EntryPoint:https
+      - --entryPoints=Name:https Address::443 TLS
+      - --docker
+      - --docker.exposedbydefault=false
+      - --docker.domain=example.com
+      - --acme=false
+      - --acme.acmelogging=true
+      - --acme.email=webmaster@example.com
+      - --acme.storage=acme.json
+      - --acme.entryPoint=https
+      - --acme.onhostrule=true
+      - --acme.httpchallenge=true
     ports:
-      - 80:80
-      - 443:443
+      - target: 80
+        published: 80
+        protocol: tcp
+        mode: host
+      - target: 443
+        published: 443
+        protocol: tcp
+        mode: host
     volumes:
-      - ./proxy/conf.d:/etc/nginx/conf.d:rw
-      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
-      - ./proxy/html:/usr/share/nginx/html:rw
-      - ./proxy/certs:/etc/nginx/certs:ro
-      - /etc/localtime:/etc/localtime:ro
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-    restart: always
-
-  letsencrypt:
-    image: jrcs/letsencrypt-nginx-proxy-companion
-    depends_on:
-      - proxy
-    volumes:
-      - ./proxy/certs:/etc/nginx/certs:rw
-      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
-      - ./proxy/html:/usr/share/nginx/html:rw
-      - /etc/localtime:/etc/localtime:ro
-      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./acme.json:/acme.json
+      - /var/run/docker.sock:/var/run/docker.sock
     restart: always
 
   app:
     image: crazymax/jetbrains-license-server:latest
     depends_on:
-      - letsencrypt
-      - proxy
+      - traefik
     volumes:
-      - ./data:/data
+      - jetbrains-license-server:/data
+    labels:
+      - traefik.enable=true
+      - traefik.backend=jetbrains-license-server
+      - traefik.port=80
+      - traefik.frontend.rule=Host:jetbrains-license-server.example.com,an-other-host.example.com
     environment:
       - TZ=Europe/Paris
       - JLS_VIRTUAL_HOSTS=jetbrains-license-server.example.com,an-other-host.example.com
@@ -49,7 +56,7 @@ services:
       - JLS_SMTP_PASSWORD=
       - JLS_STATS_FROM=jetbrains@example.com
       - JLS_STATS_TOKEN=1BFC67F51AAF99E85C2347B72E62C
-      - VIRTUAL_HOST=jetbrains-license-server.example.com
-      - LETSENCRYPT_HOST=jetbrains-license-server.example.com
-      - LETSENCRYPT_EMAIL=webmaster@example.com
     restart: always
+
+volumes:
+  jetbrains-license-server: