From db5c9b65820598a04c5bf5ba800e4c010a17aaad Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 21 Aug 2023 20:03:13 +0100 Subject: [PATCH] Promote http requests for every container to https --- Bitwarden/docker-compose.yml | 7 ++++++- Database/docker-compose.yml | 7 ++++++- Development/Gitea/docker-compose.yml | 6 ++++++ Traefik/docker-compose.yml | 6 ++++++ Websites/docker-compose.yml | 14 ++++++++++++-- 5 files changed, 36 insertions(+), 4 deletions(-) diff --git a/Bitwarden/docker-compose.yml b/Bitwarden/docker-compose.yml index 58aae5e..de9f2f7 100644 --- a/Bitwarden/docker-compose.yml +++ b/Bitwarden/docker-compose.yml @@ -13,7 +13,12 @@ services: labels: ## Expose Bitwarden Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.services.bitwarden.loadbalancer.server.port=80" + + - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https" + - "traefik.http.routers.bitwarden-insecure.middlewares=redirect-web-secure" + - "traefik.http.routers.bitwarden-insecure.rule=Host(`bitwarden.luke-else.co.uk`)" + - "traefik.http.routers.bitwarden-insecure.entrypoints=web" + - "traefik.http.routers.bitwarden.rule=Host(`bitwarden.luke-else.co.uk`)" - "traefik.http.routers.bitwarden.entrypoints=websecure" - "traefik.http.routers.bitwarden.tls.certresolver=myresolver" diff --git a/Database/docker-compose.yml b/Database/docker-compose.yml index c7cc8ca..8f1ad87 100644 --- a/Database/docker-compose.yml +++ b/Database/docker-compose.yml @@ -40,7 +40,12 @@ services: labels: ## Expose phpMyAdmin Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.services.phpmyadmin.loadbalancer.server.port=80" + + - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https" + - "traefik.http.routers.phpmyadmin-insecure.middlewares=redirect-web-secure" + - "traefik.http.routers.phpmyadmin-insecure.rule=Host(`mysql.luke-else.co.uk`)" + - "traefik.http.routers.phpmyadmin-insecure.entrypoints=web" + - "traefik.http.routers.phpmyadmin.rule=Host(`mysql.luke-else.co.uk`)" - "traefik.http.routers.phpmyadmin.entrypoints=websecure" - "traefik.http.routers.phpmyadmin.tls.certresolver=myresolver" diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 8f83f40..5ca5358 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -29,6 +29,12 @@ services: labels: ## Expose Gitea Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container + + - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https" + - "traefik.http.routers.gitea-insecure.middlewares=redirect-web-secure" + - "traefik.http.routers.gitea-insecure.rule=Host(`git.luke-else.co.uk`)" + - "traefik.http.routers.gitea-insecure.entrypoints=web" + - "traefik.http.services.gitea.loadbalancer.server.port=3000" - "traefik.http.routers.gitea.rule=Host(`git.luke-else.co.uk`)" - "traefik.http.routers.gitea.entrypoints=websecure" diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index a390e0d..b63ff00 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -22,6 +22,12 @@ services: - proxy labels: - "traefik.enable=true" + + - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https" + - "traefik.http.routers.traefik-insecure.middlewares=redirect-web-secure" + - "traefik.http.routers.traefik-insecure.rule=Host(`traefik.luke-else.co.uk`)" + - "traefik.http.routers.traefik-insecure.entrypoints=web" + - "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`)" - "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.service=api@internal" diff --git a/Websites/docker-compose.yml b/Websites/docker-compose.yml index 1f22040..6cedae8 100644 --- a/Websites/docker-compose.yml +++ b/Websites/docker-compose.yml @@ -13,7 +13,12 @@ services: labels: ## Expose luke-else Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.services.personal.loadbalancer.server.port=80" + + - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https" + - "traefik.http.routers.personal-insecure.middlewares=redirect-web-secure" + - "traefik.http.routers.personal-insecure.rule=Host(`luke-else.co.uk`)" + - "traefik.http.routers.personal-insecure.entrypoints=web" + - "traefik.http.routers.personal.rule=Host(`luke-else.co.uk`)" - "traefik.http.routers.personal.entrypoints=websecure" - "traefik.http.routers.personal.tls.certresolver=myresolver" @@ -29,7 +34,12 @@ services: labels: ## Expose Snexo Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.services.snexo.loadbalancer.server.port=80" + + - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https" + - "traefik.http.routers.snexo-insecure.middlewares=redirect-web-secure" + - "traefik.http.routers.snexo-insecure.rule=Host(`snexo.co.uk`)" + - "traefik.http.routers.snexo-insecure.entrypoints=web" + - "traefik.http.routers.snexo.rule=Host(`snexo.co.uk`)" - "traefik.http.routers.snexo.entrypoints=websecure" - "traefik.http.routers.snexo.tls.certresolver=myresolver"