Docker 使用Traefik配置Nginx

一般来说，我对Linux是新手，对Traefik更是新手，一段时间以来，我一直在尝试使用Traefik作为反向代理，设置一个nginx容器来服务一些AngularJS网页。我有一个小型的Ubuntu20.4服务器，托管在DigitalOcean上（如果相关的话）

我曾尝试过遵循一些不同的nginx教程，并自行处理设置，但没有成功。如果我运行一个简单的命令，如：

$docker run–命名一些nginx-d-p 8888:80 nginx

但是我只能通过myip:8888访问它，我想通过一个子域，即docs.domain.com访问它

我使用Traefik.yml设置了Traefik，如下所示：

api:
  dashboard: true

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false

certificatesResolvers:
  http:
    acme:
      email: email@email.com
      storage: acme.json
      httpChallenge:
        entryPoint: http

然后docker编写此文件：

version: '3'

services:
  traefik:
    image: traefik:v2.0
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./traefik.yml:/traefik.yml:ro
      - ./acme.json:/acme.json
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`monitor.domain.com`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=admin:secret_password"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`monitor.domain.com`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=http"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    external: true

我还成功设置了一个portainer：

version: '3'

services:
  portainer:
    image: portainer/portainer:latest
    container_name: portainer
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./data:/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.portainer.entrypoints=http"
      - "traefik.http.routers.portainer.rule=Host(`manage.domain.com`)"
      - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.portainer.middlewares=portainer-https-redirect"
      - "traefik.http.routers.portainer-secure.entrypoints=https"
      - "traefik.http.routers.portainer-secure.rule=Host(`manage.domain.com`)"
      - "traefik.http.routers.portainer-secure.tls=true"
      - "traefik.http.routers.portainer-secure.tls.certresolver=http"
      - "traefik.http.routers.portainer-secure.service=portainer"
      - "traefik.http.services.portainer.loadbalancer.server.port=9000"
      - "traefik.docker.network=proxy"

networks:
  proxy:
    external: true

通过这种方式，我可以使用SSL访问portainer和traefik子域，没有问题

我尝试使用docker compose为nginx编写类似于portainer的文件，使用卷“/data:/usr/share/nginx/html:ro”和“/nginx.conf:/etc/nginx/nginx.conf:ro”，以及一些不同的nginx.conf选项，如官方文档中的示例。 如果有人能告诉你我应该在docker compose文件上使用哪些标签，以及如何正确地将Traefik与nginx配置接口，我将不胜感激