Dashboard

"Traefik"

traefik:
    image: traefik:v2.10
    container_name: traefik
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - traefik-config:/etc/traefik
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - letsencrypt:/letsencrypt
    networks:
      internal:
        ipv4_address: 192.168.11.2 
      front:
        ipv4_address: 192.168.10.2
    command:
      - "--log.level=DEBUG"  # Livello di log dettagliato
      - "--accesslog=true"  # Abilita access log
      - "--api.dashboard=true"  # Attiva la dashboard web di Traefik
      - "--providers.docker=true"  # Abilita rilevamento automatico dei container Docker
      - "--providers.docker.exposedbydefault=false"  # I container non sono esposti a Traefik se non specificato
      - "--entrypoints.web.address=:80" 
      - "--entrypoints.websecure.address=:443"  
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"  
      - "--certificatesresolvers.myresolver.acme.email=email@email.it"  
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"  
      - "--metrics.prometheus=true"  # Esporta metriche per Prometheus
      - "--metrics.prometheus.buckets=0.100000,0.300000,1.200000,5.000000"  # Bucket personalizzati per istogrammi
      - "--metrics.prometheus.addEntryPointsLabels=true"  # Aggiunge label sugli entrypoint
      - "--metrics.prometheus.addServicesLabels=true"  # Aggiunge label sui servizi
      - "--entryPoints.metrics.address=:8899"  # EntryPoint per metriche Prometheus
      - "--metrics.prometheus.entryPoint=metrics"  # Associa le metriche all'entryPoint "metrics"
      - "--accesslog.fields.defaultmode=drop"
      - "--accesslog.fields.names.ClientHost=keep"
      - "--accesslog.fields.names.RequestHost=keep"
      - "--accesslog.fields.names.RequestPath=keep"
      - "--accesslog.fields.headers.defaultmode=drop"
      - "--accesslog.format=json"
      - "--accesslog.filters.statuscodes=200-200"
      - "--accesslog.fields.headers.names.User-Agent=keep"
    labels:
      - "traefik.enable=true"  # Abilita il container per Traefik
      - "traefik.http.routers.dashboard.entrypoints=websecure"  # Usa HTTPS
      - "traefik.http.routers.dashboard.rule=Host(`domain.it`)"  # Dominio richiesto per accedere alla dashboard
      - "traefik.http.routers.dashboard.service=api@internal"  
      - "traefik.http.routers.dashboard.tls.certresolver=myresolver"  
      - "traefik.http.routers.dashboard.middlewares=traefik-auth"  # Middleware di autenticazione
      - "traefik.http.middlewares.traefik-auth.basicauth.users=admin:$2y$05$xxxxxxxxx"  

    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    restart: always

"Generare password Http-Auth"

echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g