Basic conversion to Traefik v2 just to get things running

templates/GitLab/0/docker-compose.yml

@@ -14,7 +14,7 @@ services:
         gitlab_rails['gitlab_shell_ssh_port'] = 22
         nginx['real_ip_trusted_addresses'] = [ '10.42.0.0/16' ] # 10.42.0.0/16 is the default Rancher-managed subnet
         nginx['listen_port'] = 80 # Using HTTP between the Traefik container and GitLab
-        nginx['listen_https'] = false # Traefik is handling HTTPS on outside
+        nginx['listen_https'] = false # Traefik is handling HTTPS termination
     hostname: ${TRAEFIK_HOST}
     labels:
       io.rancher.container.pull_image: always
@@ -22,23 +22,14 @@ services:
       io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
       {{- end}}
       traefik.enable: true
-      ### Start Web Segment
+      traefik.http.routers.gitlab-router.rule: Host(`${TRAEFIK_HOST}`)
-      traefik.web.frontend.entryPoints: http,https
+      traefik.http.routers.gitlab-router.entrypoints: https
-      traefik.web.frontend.headers.forceSTSHeader: true
+      traefik.http.routers.gitlab-router.service: gitlab-service
-      traefik.web.frontend.headers.referrerPolicy: no-referrer # Security enhancement (Prevents leaking of referer information)
+      traefik.http.routers.gitlab-router.tls: true
-      traefik.web.frontend.headers.SSLRedirect: true
+      traefik.http.routers.gitlab-router.tls.certresolver: letsencrypt
-      traefik.web.frontend.headers.STSPreload: true
+      traefik.http.services.gitlab-service.loadbalancer.server.port: "80"
-      traefik.web.frontend.headers.STSSeconds: 15552000
+      traefik.http.services.gitlab-service.loadbalancer.server.scheme: http
-      traefik.web.frontend.passHostHeader: true
+      traefik.http.services.gitlab-service.loadbalancer.passhostheader: true
-      traefik.web.frontend.rule: HostRegexp:${TRAEFIK_HOST},{subdomain:.+}.${TRAEFIK_HOST}
-      traefik.web.port: "80"
-      ### End Web Segment
-      ### Start SSH Segment
-      # traefik.ssh.frontend.entryPoints: ssh
-      # traefik.ssh.frontend.rule: Host:${TRAEFIK_HOST}
-      # traefik.ssh.frontend.passHostHeader: true
-      # traefik.ssh.port: "22"
-      ### End SSH Segment
     restart: on-failure
     volumes:
       - /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system

templates/Nextcloud/0/docker-compose.yml

@@ -41,22 +41,31 @@ services:
       {{- end}}
 #      io.rancher.sidekicks: cron
       traefik.enable: true
-      ### Start Web UI Segment
+      traefik.http.routers.nextcloud-router.rule: Host(`${TRAEFIK_HOST}`)
-      traefik.frontend.entryPoints: http,https
+      traefik.http.routers.nextcloud-router.entrypoints: https
-      traefik.frontend.headers.forceSTSHeader: true
+      traefik.http.routers.nextcloud-router.service: nextcloud-service
-      traefik.frontend.headers.referrerPolicy: no-referrer # Security enhancement (Prevents leaking of referer information)
+      traefik.http.routers.nextcloud-router.tls: true
-      traefik.frontend.headers.SSLRedirect: true
+      traefik.http.routers.nextcloud-router.tls.certresolver: letsencrypt
-      traefik.frontend.headers.STSIncludeSubdomains: true
+      traefik.http.services.nextcloud-service.loadbalancer.server.port: "80"
-      traefik.frontend.headers.STSPreload: true
+      traefik.http.services.nextcloud-service.loadbalancer.server.scheme: http
-      traefik.frontend.headers.STSSeconds: 15552000
+      traefik.http.services.nextcloud-service.loadbalancer.passhostheader: true
-      traefik.frontend.passHostHeader: true
+# Will come back to finish the conversion to Traefik v2 later
-      traefik.frontend.rule: Host:${TRAEFIK_HOST}
+#      ### Start Web UI Segment
-      traefik.port: "80"
+#      traefik.frontend.entryPoints: http,https
-      ### End Web UI Segment
+#     traefik.frontend.headers.forceSTSHeader: true
-      ### Start CalDAV/CardDAV Redirect Segment
+#      traefik.frontend.headers.referrerPolicy: no-referrer # Security enhancement (Prevents leaking of referer information)
-      traefik.frontend.redirect.permanent: true
+#      traefik.frontend.headers.SSLRedirect: true
-      traefik.frontend.redirect.regex: https://(.*)/.well-known/(card|cal)dav
+#      traefik.frontend.headers.STSIncludeSubdomains: true
-      traefik.frontend.redirect.replacement: https://${TRAEFIK_HOST}/remote.php/dav/
+#      traefik.frontend.headers.STSPreload: true
+#      traefik.frontend.headers.STSSeconds: 15552000
+#      traefik.frontend.passHostHeader: true
+#      traefik.frontend.rule: Host:${TRAEFIK_HOST}
+#      traefik.port: "80"
+#      ### End Web UI Segment
+#      ### Start CalDAV/CardDAV Redirect Segment
+#      traefik.frontend.redirect.permanent: true
+#      traefik.frontend.redirect.regex: https://(.*)/.well-known/(card|cal)dav
+#      traefik.frontend.redirect.replacement: https://${TRAEFIK_HOST}/remote.php/dav/
       ### End CalDAV/CardDAV Redirect Segment
     links:
       - mysql

templates/Traefik/1/docker-compose.yml

@@ -16,7 +16,7 @@ services:
       io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
       {{- end}}
     ports:
-      - "1200:1200" # Traefik Dashboard (Might be temporary)
+      - "1200:8080" # Traefik Dashboard
       - "22:22" # SSH
       - "80:80" # HTTP
       - "443:443" # HTTPS

templates/Traefik/1/rancher-compose.yml

@@ -13,7 +13,7 @@ catalog:
       label: "Host Label Key/Value Pair"
       description: |
         The Key/Value pair of the host which the stack should be deployed.
-      default: "host.id=Proxy1"
+      default: "host.id=Proxy0"
       required: false
       type: string