# {{ ansible_managed }} --- networks: traefik: external: true services: traefik: image: traefik:v2.11 restart: always command: - "--log.level=INFO" - "--accesslog=true" - "--accesslog.fields.names.StartUTC=drop" - "--api=true" - "--api.dashboard=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:80" - "--entryPoints.web.forwardedHeaders.trustedIPs={{ docker_host_traefik_trusted_ips }}" - "--entrypoints.websecure.address=:443" - "--entryPoints.websecure.forwardedHeaders.trustedIPs={{ docker_host_traefik_trusted_ips }}" - "--entrypoints.api.address=:8443" labels: - "traefik.enable=true" - "traefik.docker.network=traefik" - "traefik.port=8443" - "traefik.http.routers.api.entrypoints=api" - "traefik.http.routers.api.rule=(PathPrefix(`/api`) || PathPrefix(`/dashboard`))" - "traefik.http.routers.api.service=api@internal" - "traefik.http.routers.api.middlewares=auth" - "traefik.http.routers.api.tls" - "traefik.http.middlewares.auth.basicauth.users={{ docker_host_traefik_admin }}" ports: - "{{ docker_host_traefik_listen_ip }}:80:80" - "{{ docker_host_traefik_listen_ip }}:443:443" - "{{ docker_host_traefik_listen_ip }}:8443:8443" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: - TZ=Europe/Paris networks: - traefik userns_mode: "host"