diff --git a/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml b/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml new file mode 100644 index 000000000..bfba9fe4c --- /dev/null +++ b/docs/content/user-guides/docker-compose/acme-dns/docker-compose.yml @@ -0,0 +1,40 @@ +version: "3.3" + +services: + + traefik: + image: "traefik:v2.0.0-beta1" + container_name: "traefik" + command: + #- "--log.level=DEBUG" + - "--api=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.mydnschallenge.acme.dnschallenge=true" + - "--certificatesresolvers.mydnschallenge.acme.dnschallenge.provider=ovh" + #- "--certificatesresolvers.mydnschallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + - "--certificatesresolvers.mydnschallenge.acme.email=postmaster@mydomain.com" + - "--certificatesresolvers.mydnschallenge.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + - "8080:8080" + environment: + - "OVH_ENDPOINT=xxx" + - "OVH_APPLICATION_KEY=xxx" + - "OVH_APPLICATION_SECRET=xxx" + - "OVH_CONSUMER_KEY=xxx" + volumes: + - "./letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + + whoami: + image: "containous/whoami" + container_name: "simple-service" + labels: + - "traefik.enable=true" + - "traefik.http.routers.whoami.rule=Host(`whoami.mydomain.com`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=mydnschallenge" diff --git a/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml b/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml new file mode 100644 index 000000000..7f41f26de --- /dev/null +++ b/docs/content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml @@ -0,0 +1,55 @@ +version: "3.3" + +secrets: + ovh_endpoint: + file: "./secrets/ovh_endpoint.secret" + ovh_application_key: + file: "./secrets/ovh_application_key.secret" + ovh_application_secret: + file: "./secrets/ovh_application_secret.secret" + ovh_consumer_key: + file: "./secrets/ovh_consumer_key.secret" + +services: + + traefik: + image: "traefik:v2.0.0-beta1" + container_name: "traefik" + command: + #- "--log.level=DEBUG" + - "--api=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.mydnschallenge.acme.dnschallenge=true" + - "--certificatesresolvers.mydnschallenge.acme.dnschallenge.provider=ovh" + #- "--certificatesresolvers.mydnschallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + - "--certificatesresolvers.mydnschallenge.acme.email=postmaster@mydomain.com" + - "--certificatesresolvers.mydnschallenge.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + - "8080:8080" + secrets: + - "ovh_endpoint" + - "ovh_application_key" + - "ovh_application_secret" + - "ovh_consumer_key" + environment: + - "OVH_ENDPOINT_FILE=/run/secrets/ovh_endpoint" + - "OVH_APPLICATION_KEY_FILE=/run/secrets/ovh_application_key" + - "OVH_APPLICATION_SECRET_FILE=/run/secrets/ovh_application_secret" + - "OVH_CONSUMER_KEY_FILE=/run/secrets/ovh_consumer_key" + volumes: + - "./letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + + whoami: + image: "containous/whoami" + container_name: "simple-service" + labels: + - "traefik.enable=true" + - "traefik.http.routers.whoami.rule=Host(`whoami.mydomain.com`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=mydnschallenge" diff --git a/docs/content/user-guides/docker-compose/acme-dns/index.md b/docs/content/user-guides/docker-compose/acme-dns/index.md new file mode 100644 index 000000000..b66706337 --- /dev/null +++ b/docs/content/user-guides/docker-compose/acme-dns/index.md @@ -0,0 +1,183 @@ +# Docker-compose with let's encrypt: DNS Challenge + +This guide aim to demonstrate how to create a certificate with the let's encrypt DNS challenge to use https on a simple service exposed with Traefik. +Please also read the [basic example](../basic-example) for details on how to expose such a service. + +## Prerequisite + +For the DNS challenge, you'll need: + +- A working [provider](https://docs.traefik.io/v2.0/https/acme/#providers) along with the credentials allowing to create and remove DNS records. + +!!! info "Variables may vary depending on the Provider." + Please note this guide may vary depending on the provider you use. + The only things changing are the names of the variables you will need to define in order to configure your provider so it can create DNS records. + Please refer the [list of providers](../../../https/acme.md#providers) given right above and replace all the environment variables with the ones described in this documentation. + +## Setup + +- Create a `docker-compose.yml` file with the following content: + +```yaml +--8<-- "content/user-guides/docker-compose/acme-dns/docker-compose.yml" +``` + +- Replace the environment variables by your own: + + ```yaml + environment: + - "OVH_ENDPOINT=[YOUR_OWN_VALUE]" + - "OVH_APPLICATION_KEY=[YOUR_OWN_VALUE]" + - "OVH_APPLICATION_SECRET=[YOUR_OWN_VALUE]" + - "OVH_CONSUMER_KEY=[YOUR_OWN_VALUE]" + ``` + +- Replace `postmaster@mydomain.com` by your **own email** within the `certificatesresolvers.mydnschallenge.acme.email` command line argument of the `traefik` service. +- Replace `whoami.mydomain.com` by your **own domain** within the `traefik.http.routers.whoami.rule` label of the `whoami` service. +- Optionally uncomment the following lines if you want to test/debug: + + ```yaml + #- "--log.level=DEBUG" + #- "--certificatesresolvers.mydnschallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + ``` + +- Run `docker-compose up -d` within the folder where you created the previous file. +- Wait a bit and visit `https://your_own_domain` to confirm everything went fine. + +!!! Note + + If you uncommented the `acme.caserver` line, you will get an SSL error, but if you display the certificate and see it was emitted by `Fake LE Intermediate X1` then it means all is good. + (It is the staging environment intermediate certificate used by let's encrypt). + You can now safely comment the `acme.caserver` line, remove the `letsencrypt/acme.json` file and restart Traefik to issue a valid certificate. + +## Explanation + +What changed between the initial setup: + +- We configure a second entry point for the https traffic: + +```yaml +command: + # Traefik will listen to incoming request on the port 443 (https) + - "--entrypoints.websecure.address=:443" +ports: + - "443:443" +``` + +- We configure the DNS let's encrypt challenge: + +```yaml +command: + # Enable a dns challenge named "mydnschallenge" + - "--certificatesresolvers.mydnschallenge.acme.dnschallenge=true" + # Tell which provider to use + - "--certificatesresolvers.mydnschallenge.acme.dnschallenge.provider=ovh" + # The email to provide to let's encrypt + - "--certificatesresolvers.mydnschallenge.acme.email=postmaster@mydomain.com" +``` + +- We provide the required configuration to our provider via environment variables: + +```yaml +environment: + - "OVH_ENDPOINT=xxx" + - "OVH_APPLICATION_KEY=xxx" + - "OVH_APPLICATION_SECRET=xxx" + - "OVH_CONSUMER_KEY=xxx" +``` + +!!! Note + + This is the step that may vary depending on the provider you use. + Just define the variables required by your provider. + (see the prerequisite for a list) + +- We add a volume to store our certificates: + +```yaml +volumes: + # Create a letsencrypt dir within the folder where the docker-compose file is + - "./letsencrypt:/letsencrypt" + +command: + # Tell to store the certificate on a path under our volume + - "--certificatesresolvers.mydnschallenge.acme.storage=/letsencrypt/acme.json" +``` + +- We configure the `whoami` service to tell Traefik to use the certificate resolver named `mydnschallenge` we just configured: + +```yaml +labels: + - "traefik.http.routers.whoami.tls.certresolver=mydnschallenge" # Uses the Host rule to define which certificate to issue +``` + +## Use Secrets + +To configure the provider, and avoid having the secrets exposed in plaintext within the docker-compose environment section, +you could use docker secrets. +The point is to manage those secret files by another mean, and read them from the `docker-compose.yml` file making the docker-compose file itself less sensitive. + +- Create a directory named `secrets`, and create a file for each parameters required to configure you provider containing the value of the parameter: + for example, the `ovh_endpoint.secret` file contain `ovh-eu` + +```text +./secrets +├── ovh_application_key.secret +├── ovh_application_secret.secret +├── ovh_consumer_key.secret +└── ovh_endpoint.secret +``` + +!!! Note + + You could store those secrets anywhere on the server, + just make sure to use the proper path for the `file` directive fo the secrets definition in the `docker-compose.yml` file. + +- Use this `docker-compose.yml` file: + +```yaml +--8<-- "content/user-guides/docker-compose/acme-dns/docker-compose_secrets.yml" +``` + +!!! Note + + Still think about changing `postmaster@mydomain.com` & `whoami.mydomain.com` by your own values. + +Let's explain a bit what we just did: + +- The following section allow to read files on the docker host, and expose those file under `/run/secrets/[NAME_OF_THE_SECRET]` within the container: + +```yaml +secrets: + # secret name also used to name the file exposed within the container + ovh_endpoint: + # path on the host + file: "./secrets/ovh_endpoint.secret" + ovh_application_key: + file: "./secrets/ovh_application_key.secret" + ovh_application_secret: + file: "./secrets/ovh_application_secret.secret" + ovh_consumer_key: + file: "./secrets/ovh_consumer_key.secret" + +services: + traefik: + # expose the predefined secret to the container by name + secrets: + - "ovh_endpoint" + - "ovh_application_key" + - "ovh_application_secret" + - "ovh_consumer_key" +``` + +- The environment variable within our `whoami` service are suffixed by `_FILE` which allow us to point to files containing the value, instead of exposing the value itself. + The acme client will read the content of those file to get the required configuration values. + +```yaml +environment: + # expose the path to file provided by docker containing the value we want for OVH_ENDPOINT. + - "OVH_ENDPOINT_FILE=/run/secrets/ovh_endpoint" + - "OVH_APPLICATION_KEY_FILE=/run/secrets/ovh_application_key" + - "OVH_APPLICATION_SECRET_FILE=/run/secrets/ovh_application_secret" + - "OVH_CONSUMER_KEY_FILE=/run/secrets/ovh_consumer_key" +``` diff --git a/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml b/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml new file mode 100644 index 000000000..bdacf474f --- /dev/null +++ b/docs/content/user-guides/docker-compose/acme-http/docker-compose.yml @@ -0,0 +1,35 @@ +version: "3.3" + +services: + + traefik: + image: "traefik:v2.0.0-beta1" + container_name: "traefik" + command: + #- "--log.level=DEBUG" + - "--api=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true" + - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web" + #- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + - "--certificatesresolvers.myhttpchallenge.acme.email=postmaster@mydomain.com" + - "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + - ":8080:8080" + volumes: + - "./letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + + whoami: + image: "containous/whoami" + container_name: "simple-service" + labels: + - "traefik.enable=true" + - "traefik.http.routers.whoami.rule=Host(`whoami.mydomain.com`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=myhttpchallenge" diff --git a/docs/content/user-guides/docker-compose/acme-http/index.md b/docs/content/user-guides/docker-compose/acme-http/index.md new file mode 100644 index 000000000..6b448c17a --- /dev/null +++ b/docs/content/user-guides/docker-compose/acme-http/index.md @@ -0,0 +1,83 @@ +# Docker-compose with let's encrypt : HTTP Challenge + +This guide aim to demonstrate how to create a certificate with the let's encrypt HTTP challenge to use https on a simple service exposed with Traefik. +Please also read the [basic example](../basic-example) for details on how to expose such a service. + +## Prerequisite + +For the HTTP challenge you will need: + +- A publicly accessible host allowing connections on port `80` & `443` with docker & docker-compose installed. +- A DNS record with the domain you want to expose pointing to this host. + +## Setup + +- Create a `docker-compose.yml` on your remote server with the following content: + +```yaml +--8<-- "content/user-guides/docker-compose/acme-http/docker-compose.yml" +``` + +- Replace `postmaster@mydomain.com` by your **own email** within the `certificatesresolvers.myhttpchallenge.acme.email` command line argument of the `traefik` service. +- Replace `whoami.mydomain.com` by your **own domain** within the `traefik.http.routers.whoami.rule` label of the `whoami` service. +- Optionally uncomment the following lines if you want to test/debug: + + ```yaml + #- "--log.level=DEBUG" + #- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + ``` + +- Run `docker-compose up -d` within the folder where you created the previous file. +- Wait a bit and visit `https://your_own_domain` to confirm everything went fine. + +!!! Note + + If you uncommented the `acme.caserver` line, you will get an SSL error, but if you display the certificate and see it was emitted by `Fake LE Intermediate X1` then it means all is good. + (It is the staging environment intermediate certificate used by let's encrypt). + You can now safely comment the `acme.caserver` line, remove the `letsencrypt/acme.json` file and restart Traefik to issue a valid certificate. + +## Explanation + +What changed between the basic example: + +- We configure a second entry point for the HTTPS traffic: + +```yaml +command: + # Traefik will listen to incoming request on the port 443 (https) + - "--entrypoints.websecure.address=:443" +ports: + - "443:443" +``` + +- We configure the HTTPS let's encrypt challenge: + +```yaml +command: + # Enable a http challenge named "myhttpchallenge" + - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true" + # Tell it to use our predefined entrypoint named "web" + - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web" + # The email to provide to let's encrypt + - "--certificatesresolvers.myhttpchallenge.acme.email=postmaster@mydomain.com" +``` + +- We add a volume to store our certificates: + +```yaml +volumes: + # Create a letsencrypt dir within the folder where the docker-compose file is + - "./letsencrypt:/letsencrypt" + +command: + # Tell to store the certificate on a path under our volume + - "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json" +``` + +- We configure the `whoami` service to tell Traefik to use the certificate resolver named `myhttpchallenge` we just configured: + +```yaml +labels: + # Uses the Host rule to define which certificate to issue + - "traefik.http.routers.whoami.tls.certresolver=myhttpchallenge" +``` \ No newline at end of file diff --git a/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml b/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml new file mode 100644 index 000000000..1b03ce8d3 --- /dev/null +++ b/docs/content/user-guides/docker-compose/acme-tls/docker-compose.yml @@ -0,0 +1,32 @@ +version: "3.3" + +services: + + traefik: + image: "traefik:v2.0.0-beta1" + container_name: "traefik" + command: + #- "--log.level=DEBUG" + - "--api=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true" + #- "--certificatesresolvers.mytlschallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + - "--certificatesresolvers.mytlschallenge.acme.email=postmaster@mydomain.com" + - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json" + ports: + - "443:443" + - "8080:8080" + volumes: + - "./letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + + whoami: + image: "containous/whoami" + container_name: "simple-service" + labels: + - "traefik.enable=true" + - "traefik.http.routers.whoami.rule=Host(`whoami.mydomain.com`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=mytlschallenge" diff --git a/docs/content/user-guides/docker-compose/acme-tls/index.md b/docs/content/user-guides/docker-compose/acme-tls/index.md new file mode 100644 index 000000000..40fe8f904 --- /dev/null +++ b/docs/content/user-guides/docker-compose/acme-tls/index.md @@ -0,0 +1,79 @@ +# Docker-compose with let's encrypt: TLS Challenge + +This guide aim to demonstrate how to create a certificate with the let's encrypt TLS challenge to use https on a simple service exposed with Traefik. +Please also read the [basic example](../basic-example) for details on how to expose such a service. + +## Prerequisite + +For the TLS challenge you will need: + +- A publicly accessible host allowing connections on port `443` with docker & docker-compose installed. +- A DNS record with the domain you want to expose pointing to this host. + +## Setup + +- Create a `docker-compose.yml` on your remote server with the following content: + +```yaml +--8<-- "content/user-guides/docker-compose/acme-tls/docker-compose.yml" +``` + +- Replace `postmaster@mydomain.com` by your **own email** within the `certificatesresolvers.mytlschallenge.acme.email` command line argument of the `traefik` service. +- Replace `whoami.mydomain.com` by your **own domain** within the `traefik.http.routers.whoami.rule` label of the `whoami` service. +- Optionally uncomment the following lines if you want to test/debug: + + ```yaml + #- "--log.level=DEBUG" + #- "--certificatesresolvers.mytlschallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + ``` + +- Run `docker-compose up -d` within the folder where you created the previous file. +- Wait a bit and visit `https://your_own_domain` to confirm everything went fine. + +!!! Note + + If you uncommented the `acme.caserver` line, you will get an SSL error, but if you display the certificate and see it was emitted by `Fake LE Intermediate X1` then it means all is good. + (It is the staging environment intermediate certificate used by let's encrypt). + You can now safely comment the `acme.caserver` line, remove the `letsencrypt/acme.json` file and restart Traefik to issue a valid certificate. + +## Explanation + +What changed between the basic example: + +- We replace the `web` entry point by one for the https traffic: + +```yaml +command: + # Traefik will listen to incoming request on the port 443 (https) + - "--entrypoints.websecure.address=:443" +ports: + - "443:443" +``` + +- We configure the Https let's encrypt challenge: + +```yaml +command: + # Enable a tls challenge named "mytlschallenge" + - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true" +``` + +- We add a volume to store our certificates: + +```yaml +volumes: + # Create a letsencrypt dir within the folder where the docker-compose file is + - "./letsencrypt:/letsencrypt" + +command: + # Tell to store the certificate on a path under our volume + - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json" +``` + +- We configure the `whoami` service to tell Traefik to use the certificate resolver named `mytlschallenge` we just configured: + +```yaml +labels: + # Uses the Host rule to define which certificate to issue + - "traefik.http.routers.whoami.tls.certresolver=mytlschallenge" +``` diff --git a/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml b/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml new file mode 100644 index 000000000..5fb8bf9dd --- /dev/null +++ b/docs/content/user-guides/docker-compose/basic-example/docker-compose.yml @@ -0,0 +1,26 @@ +version: "3.3" + +services: + + traefik: + image: "traefik:v2.0.0-beta1" + container_name: "traefik" + command: + #- "--log.level=DEBUG" + - "--api=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + ports: + - "80:80" + - "8080:8080" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock:ro" + + whoami: + image: "containous/whoami" + container_name: "simple-service" + labels: + - "traefik.enable=true" + - "traefik.http.routers.whoami.rule=Host(`whoami.localhost`)" + - "traefik.http.routers.whoami.entrypoints=web" diff --git a/docs/content/user-guides/docker-compose/basic-example/index.md b/docs/content/user-guides/docker-compose/basic-example/index.md new file mode 100644 index 000000000..85d8fb495 --- /dev/null +++ b/docs/content/user-guides/docker-compose/basic-example/index.md @@ -0,0 +1,90 @@ +# Docker-compose basic example + +In this section we quickly go over a basic docker-compose file exposing a simple service using the docker provider. +This will also be used as a starting point for the the other docker-compose guides. + +## Setup + +- Edit a `docker-compose.yml` file with the following content: + +```yaml +--8<-- "content/user-guides/docker-compose/basic-example/docker-compose.yml" +``` + +- Replace `whoami.localhost` by your **own domain** within the `traefik.http.routers.whoami.rule` label of the `whoami` service. +- Run `docker-compose up -d` within the folder where you created the previous file. +- Wait a bit and visit `http://your_own_domain` to confirm everything went fine. + You should see the output of the whoami service. Something similar to: + + ```text + Hostname: d7f919e54651 + IP: 127.0.0.1 + IP: 192.168.64.2 + GET / HTTP/1.1 + Host: whoami.localhost + User-Agent: curl/7.52.1 + Accept: */* + Accept-Encoding: gzip + X-Forwarded-For: 192.168.64.1 + X-Forwarded-Host: whoami.localhost + X-Forwarded-Port: 80 + X-Forwarded-Proto: http + X-Forwarded-Server: 7f0c797dbc51 + X-Real-Ip: 192.168.64.1 + ``` + +## Details + +- As an example we use [whoami](https://github.com/containous/whoami) (a tiny Go server that prints os information and HTTP request to output) which was used to define our `simple-service` container. + +- We define an entry point, along with the exposure of the matching port within docker-compose, which basically allow us to "open and accept" HTTP traffic: + +```yaml +command: + # Traefik will listen to incoming request on the port 80 (HTTP) + - "--entrypoints.web.address=:80" + +ports: + - "80:80" +``` + +- We expose the Traefik API to be able to check the configuration if needed: + +```yaml +command: + # Traefik will listen on port 8080 by default for API request. + - "--api=true" + +ports: + - "8080:8080" +``` + +!!! Note + + If you are working on a remote server, you can use the following command to display configuration (require `curl` & `jq`): + + ```bash + curl -s 127.0.0.1:8080/api/rawdata | jq . + ``` + +- We allow Traefik to gather configuration from Docker: + +```yaml +traefik: + command: + # Enabling docker provider + - "--providers.docker=true" + # Do not expose containers unless explicitly told so + - "--providers.docker.exposedbydefault=false" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock:ro" + +whoami: + labels: + # Explicitly tell Traefik to expose this container + - "traefik.enable=true" + # The domain the service will respond to + - "traefik.http.routers.whoami.rule=Host(`whoami.localhost`)" + # Allow request only from the predefined entry point named "web" + - "traefik.http.routers.whoami.entrypoints=web" +``` diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index 44eff35fc..76f03293b 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -137,6 +137,12 @@ nav: - 'Kubernetes and Let''s Encrypt': 'user-guides/crd-acme/index.md' - 'gRPC Examples': 'user-guides/grpc.md' - 'Marathon': 'user-guides/marathon.md' + - 'Docker': + - 'Basic Example': 'user-guides/docker-compose/basic-example/index.md' + - 'HTTPS with Let''s Encrypt': + - 'TLS Challenge': 'user-guides/docker-compose/acme-tls/index.md' + - 'HTTP Challenge': 'user-guides/docker-compose/acme-http/index.md' + - 'DNS Challenge': 'user-guides/docker-compose/acme-dns/index.md' - 'Contributing': - 'Thank You!': 'contributing/thank-you.md' - 'Submitting Issues': 'contributing/submitting-issues.md'