traefik-compose/example-services.yaml

version: '2.1'

networks:
  dmz:
    external: true

services:
  web:
    # accessible under the default hostname calculated from the compose stack
    image: zknt/nginx-alpine
    volumes:
      - ./index.html:/var/www/html/index.html
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=dmz"  # not needed here, but useful if there are multiple nets
      - "traefik.http.routers.https_web-hello.tls=true"
      - "traefik.http.routers.https_web-hello.tls.certresolver=lestage"
    networks:
      - dmz

  web2:
    # accessible under https://hostname/hello2 - with stripped path for the container
    image: zknt/nginx-alpine
    volumes:
      - ./index.html:/var/www/html/index.html
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=dmz"  # not needed here, but useful if there are multiple nets
      - "traefik.http.middlewares.stripprefix.stripprefix.prefixes=/hello2"
      - "traefik.http.routers.web-hello2.rule=Host(`traefik.zknt.org`) && Path(`/hello2`)"
      - "traefik.http.routers.https_web-hello2.rule=Host(`traefik.zknt.org`) && Path(`/hello2`)"
      - "traefik.http.routers.https_web-hello2.middlewares=stripprefix"
      - "traefik.http.routers.https_web-hello2.tls=true"
      - "traefik.http.routers.https_web-hello2.tls.certresolver=lestage"
    networks:
      - dmz

  web-auth:
    # uses basic auth for access control ($ in password need to be escaped, see
    # https://docs.traefik.io/middlewares/basicauth/ for details)
    image: zknt/nginx-alpine
    volumes:
      - ./index.html:/var/www/html/index.html
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=dmz"
      - "traefik.http.middlewares.auth.basicauth.users=admin:1234"  # double $ in hashes! s/\$/$$/g
      - "traefik.http.middlewares.auth.basicauth.realm=restriced"
      - "traefik.http.routers.https_web-hello-auth.tls=true"
      - "traefik.http.routers.https_web-hello-auth.tls.certresolver=lestage"
      - "traefik.http.routers.https_web-hello-auth.middlewares=auth"
    networks:
      - dmz

  replace:
    # replaces /some-old-path with /new-stuff
    image: zknt/nginx-alpine
    labels:
      - "traefik.enable=true"
      - "traefik.http.middlewares.replace-some-old.replacepathregex.regex=^/some-old-path/(.*)"
      - "traefik.http.middlewares.replace-some-old.replacepathregex.replacement=/new-stuff/$$1"
      - "traefik.http.routers.https_replace.tls=true"
      - "traefik.http.routers.https_replace.tls.certresolver=lestage"
      - "traefik.http.routers.https_replace.middlewares=replace-some-old"
    networks:
      - dmz