with-omgwtfssl.yml

version: '3.5'

services:
  traefik:
    command:
      # we need that file to set the certificate path to the one generated by omgwtfssl
      - "--providers.file.filename=/etc/traefik/traefik.config.toml"
      # because f***ing docker compose doesn't merge the command
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--global.sendAnonymousUsage=false"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.gitea-ssh.address=:22"
      - "--metrics.influxdb=${MON_TRAEFIK-false}"
      - "--metrics.influxdb.address=http://172.20.0.1:8186" # TODO change to host.docker.internal when https://github.com/docker/for-linux/issues/264 is solved
      - "--metrics.influxdb.protocol=http"
    volumes:
      - ${PWD}/traefik.config.toml:/etc/traefik/traefik.config.toml
      - certs:/etc/certs:ro
    depends_on:
      - omgwtfssl

  omgwtfssl:
    image: omgwtfssl
    restart: "no"
    volumes:
      - certs:/certs
    environment:
      - SSL_SUBJECT=${DOMAIN}
      - CA_SUBJECT=my@example.com
      - SSL_KEY=/certs/default.key
      - SSL_CSR=/certs/default.csr
      - SSL_CERT=/certs/default.crt
    networks:
      - proxy-tier

volumes:
  certs: