variable "consul_address" { type = string description = "Full address of Consul instance to get catalog from" default = "http://127.0.0.1:5400" } variable "base_hostname" { type = string description = "Base hostname to serve content from" default = "dev.homelab" } job "traefik" { region = "global" datacenters = ["dc1"] type = "service" constraint { attribute = "${node.class}" value = "ingress" } group "traefik" { count = 1 network { port "web" { static = 80 } port "websecure" { static = 443 } } service { name = "traefik" port = "web" check { type = "http" path = "/ping" port = "web" interval = "10s" timeout = "2s" } connect { native = true } tags = [ "traefik.enable=true", "traefik.http.routers.traefik_dashboard.entrypoints=web,websecure", "traefik.http.routers.traefik_dashboard.rule=Host(`traefik.${var.base_hostname}`)", "traefik.http.routers.traefik_dashboard.service=api@internal", "traefik.http.routers.traefik_dashboard.tls=true", ] } task "traefik" { driver = "docker" config { image = "traefik:2.6" args = [ "--log.level=DEBUG", "--entryPoints.web.address=:80", "--entryPoints.websecure.address=:443", # "--entryPoints.websecure.tls=true", "--entrypoints.web.http.redirections.entryPoint.to=websecure", # "--entryPoints.admin.address=:8080", "--accesslog=true", "--api=true", "--api.dashboard=true", # "--metrics=true", # "--metrics.prometheus=true", # "--metrics.prometheus.entryPoint=admin", # "--metrics.prometheus.manualrouting=true", "--ping=true", "--ping.entryPoint=web", "--providers.consulcatalog=true", "--providers.consulcatalog.connectaware=true", "--providers.consulcatalog.connectbydefault=true", "--providers.consulcatalog.exposedbydefault=false", "--providers.consulcatalog.endpoint.address=${var.consul_address}", "--providers.consulcatalog.servicename=traefik", "--providers.consulcatalog.prefix=traefik", "--providers.consulcatalog.defaultrule=Host(`{{normalize .Name}}.${var.base_hostname}`)", ] ports = ["web", "websecure"] network_mode = "host" volumes = [] } resources { cpu = 50 memory = 50 } } } }