Move Traefik routing to file-based config
Extract routing rules from docker-compose labels to traefik.yml. Traefik now loads this file via volume mount. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
primal
+2
-33
@@ -1,7 +1,7 @@
|
|||||||
services:
|
services:
|
||||||
pds-1440-news:
|
pds-1440-news:
|
||||||
image: ghcr.io/bluesky-social/pds:0.4
|
image: ghcr.io/bluesky-social/pds:0.4.204
|
||||||
container_name: pds-1440-news
|
container_name: atproto-1440news-pds
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- ./data:/pds
|
- ./data:/pds
|
||||||
@@ -9,37 +9,6 @@ services:
|
|||||||
- pds.env
|
- pds.env
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
labels:
|
|
||||||
- "traefik.enable=true"
|
|
||||||
# PDS API endpoint: pds.1440.news and 1440.news (alias)
|
|
||||||
- "traefik.http.routers.pds-1440-news.rule=Host(`pds.1440.news`) || Host(`1440.news`)"
|
|
||||||
- "traefik.http.routers.pds-1440-news.entrypoints=https"
|
|
||||||
- "traefik.http.routers.pds-1440-news.tls.certresolver=letsencrypt-dns"
|
|
||||||
- "traefik.http.routers.pds-1440-news.priority=10"
|
|
||||||
# Wildcard for account handles: *.1440.news (requires DNS challenge)
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles.rule=HostRegexp(`^.+\\.1440\\.news$$`)"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles.entrypoints=https"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles.tls.certresolver=letsencrypt-dns"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles.tls.domains[0].main=1440.news"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles.tls.domains[0].sans=*.1440.news"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles.priority=1"
|
|
||||||
# HTTP to HTTPS redirect
|
|
||||||
- "traefik.http.routers.pds-1440-news-redirect.rule=Host(`pds.1440.news`) || Host(`1440.news`)"
|
|
||||||
- "traefik.http.routers.pds-1440-news-redirect.entrypoints=http"
|
|
||||||
- "traefik.http.routers.pds-1440-news-redirect.middlewares=https-redirect"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles-redirect.rule=HostRegexp(`^.+\\.1440\\.news$$`)"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles-redirect.entrypoints=http"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles-redirect.middlewares=https-redirect"
|
|
||||||
- "traefik.http.routers.pds-1440-news-handles-redirect.priority=1"
|
|
||||||
# Shared middleware
|
|
||||||
- "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
|
|
||||||
- "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
|
|
||||||
# Service port
|
|
||||||
- "traefik.http.services.pds-1440-news.loadbalancer.server.port=3000"
|
|
||||||
# Local development
|
|
||||||
- "traefik.http.routers.pds-1440-news-local.rule=Host(`pds.1440.localhost`) || Host(`1440.localhost`)"
|
|
||||||
- "traefik.http.routers.pds-1440-news-local.entrypoints=http"
|
|
||||||
- "traefik.http.routers.pds-1440-news-local.priority=10"
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
proxy:
|
proxy:
|
||||||
|
|||||||
+67
@@ -0,0 +1,67 @@
|
|||||||
|
# Traefik routing for PDS (1440.news)
|
||||||
|
http:
|
||||||
|
routers:
|
||||||
|
# PDS API: pds.1440.news
|
||||||
|
pds-1440-news:
|
||||||
|
rule: "Host(`pds.1440.news`)"
|
||||||
|
entryPoints: [https]
|
||||||
|
tls:
|
||||||
|
certResolver: letsencrypt-dns
|
||||||
|
service: pds-1440-news
|
||||||
|
priority: 10
|
||||||
|
|
||||||
|
# PDS API: 1440.news (only /xrpc and /.well-known)
|
||||||
|
pds-1440-news-api:
|
||||||
|
rule: "Host(`1440.news`) && (PathPrefix(`/xrpc`) || PathPrefix(`/.well-known`))"
|
||||||
|
entryPoints: [https]
|
||||||
|
tls:
|
||||||
|
certResolver: letsencrypt-dns
|
||||||
|
service: pds-1440-news
|
||||||
|
priority: 20
|
||||||
|
|
||||||
|
# Wildcard handles: *.1440.news
|
||||||
|
pds-1440-news-handles:
|
||||||
|
rule: "HostRegexp(`^.+\\.1440\\.news$$`)"
|
||||||
|
entryPoints: [https]
|
||||||
|
tls:
|
||||||
|
certResolver: letsencrypt-dns
|
||||||
|
domains:
|
||||||
|
- main: "1440.news"
|
||||||
|
sans:
|
||||||
|
- "*.1440.news"
|
||||||
|
service: pds-1440-news
|
||||||
|
priority: 1
|
||||||
|
|
||||||
|
# HTTP redirects
|
||||||
|
pds-1440-news-redirect:
|
||||||
|
rule: "Host(`pds.1440.news`)"
|
||||||
|
entryPoints: [http]
|
||||||
|
middlewares: [https-redirect]
|
||||||
|
service: pds-1440-news
|
||||||
|
|
||||||
|
pds-1440-news-api-redirect:
|
||||||
|
rule: "Host(`1440.news`) && (PathPrefix(`/xrpc`) || PathPrefix(`/.well-known`))"
|
||||||
|
entryPoints: [http]
|
||||||
|
middlewares: [https-redirect]
|
||||||
|
service: pds-1440-news
|
||||||
|
priority: 20
|
||||||
|
|
||||||
|
pds-1440-news-handles-redirect:
|
||||||
|
rule: "HostRegexp(`^.+\\.1440\\.news$$`)"
|
||||||
|
entryPoints: [http]
|
||||||
|
middlewares: [https-redirect]
|
||||||
|
service: pds-1440-news
|
||||||
|
priority: 1
|
||||||
|
|
||||||
|
# Local development
|
||||||
|
pds-1440-news-local:
|
||||||
|
rule: "Host(`pds.1440.localhost`) || Host(`1440.localhost`)"
|
||||||
|
entryPoints: [http]
|
||||||
|
service: pds-1440-news
|
||||||
|
priority: 10
|
||||||
|
|
||||||
|
services:
|
||||||
|
pds-1440-news:
|
||||||
|
loadBalancer:
|
||||||
|
servers:
|
||||||
|
- url: "http://atproto-1440news-pds:3000"
|
||||||
Reference in New Issue
Block a user