added environment variables

.env.example

@@ -315,6 +315,40 @@ POSTGRES_USER=${POSTGRES_MAIN_USER}
 POSTGRES_PASSWORD=${POSTGRES_MAIN_PASSWORD}
 PGDATA=/var/lib/postgresql/data/${PROJECT_NAME}
 
+#---------------#
+#    Traefik    #
+#---------------#
+# Volumes
+ACME_JSON=/acme.json
+TRAEFIK_LOGS=/var/log/traefik
+
+# Command
+API_DASHBOARD=true
+API_INSECURE=true
+API_DEBUG=false
+ENTRYPOINTS_WEB_ADDRESS=:80
+ENTRYPOINTS_WEBSECURE_ADDRESS=:443
+TRAEFIK_LOG_LEVEL=INFO
+ACCESSLOG_FILEPATH=${TRAEFIK_LOGS}/access.log
+ACME_HTTPCHALLENGE=true
+ACME_HTTPCHALLENGE_ENTRYPOINT=web
+ACME_EMAIL=mail@example.com
+ACME_STORAGE=${ACME_JSON}
+# For prod use: https://acme-v02.api.letsencrypt.org/directory
+ACME_CASERVER=https://acme-staging-v02.api.letsencrypt.org/directory
+INSERCURE_SKIP_VERIFY=true
+
+# Labels
+TRAEFIK_ENABLE=true
+HTTP_CATCHALL_ENTRYPOINTS=web
+HTTP_CATCHALL_MIDDLEWARES=redirect-to-https
+MIDDLEWARES_REDIRECT_SCHEME=https
+
+TRAEFIK_DASHBOARD_DOMAIN=traefik.odoocker.test
+TRAEFIK_DASHBOARD_ENTRYPOINTS=websecure
+TRAEFIK_DASHBOARD_TLS_CERTRESOLVER=leresolver
+TRAEFIK_DASHBOARD_SERVICE=api@internal
+
 #-------------#
 #    Nginx    #
 #-------------#

docker-compose.override.production.yml

@@ -22,10 +22,22 @@ services:
       - 443:443
 
   traefik: 
-    restart: 'unless-stopped'
+    restart: unless-stopped
     ports:
       - 80:80
       - 443:443
+    command:
+      - --entrypoints.websecure.address=${ENTRYPOINTS_WEBSECURE_ADDRESS}
+      - --certificatesresolvers.leresolver.acme.httpchallenge=${ACME_HTTPCHALLENGE}
+      - --certificatesresolvers.leresolver.acme.httpchallenge.entrypoint=${ACME_HTTPCHALLENGE_ENTRYPOINT}
+      - --certificatesresolvers.leresolver.acme.email=${ACME_EMAIL}
+      - --certificatesresolvers.leresolver.acme.storage=${ACME_STORAGE}
+      - --certificatesresolvers.leresolver.acme.caserver=${ACME_CASERVER}
+    labels:
+      - traefik.http.routers.http-catchall.middlewares=${HTTP_CATCHALL_MIDDLEWARES}
+      - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=${MIDDLEWARES_REDIRECT_SCHEME}
+      - traefik.http.routers.traefik-dashboard.entrypoints=${TRAEFIK_DASHBOARD_ENTRYPOINTS}
+      - traefik.http.routers.traefik-dashboard.tls.certresolver=${TRAEFIK_DASHBOARD_TLS_CERTRESOLVER}
 
   letsencrypt:
     restart: unless-stopped

docker-compose.yml

@@ -123,42 +123,29 @@ services:
     networks:
       - internal
     command:
-      - --api.dashboard=true
+      - --api.dashboard=${API_DASHBOARD}
-      - --api.insecure=false
+      - --api.insecure=${API_INSECURE}
-      - --api.debug=true
+      - --api.debug=${API_DEBUG}
-      - --entrypoints.web.address=:80
+      - --entrypoints.web.address=${ENTRYPOINTS_WEB_ADDRESS}
-      - --entrypoints.websecure.address=:443
       - --providers.docker
-      - --log.level=INFO
+      - --log.level=${TRAEFIK_LOG_LEVEL}
-      - --accesslog.filepath=/var/log/traefik/access.log
+      - --accesslog.filepath=${ACCESSLOG_FILEPATH}
-      - --certificatesresolvers.leresolver.acme.httpchallenge=true
+      - --serversTransport.insecureSkipVerify=${INSERCURE_SKIP_VERIFY}
-      - --certificatesresolvers.leresolver.acme.httpchallenge.entrypoint=web
-      - --certificatesresolvers.leresolver.acme.email=xxxxxx@yourdomain.tld #Set your email address here, is for the generation of SSL certificates with Let's Encrypt. 
-      - --certificatesresolvers.leresolver.acme.storage=/acme.json
-        # - --certificatesresolvers.leresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
-      - --serversTransport.insecureSkipVerify=true
     tty: true
     volumes:
-      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - ${DOCKER_SOCK}:${DOCKER_SOCK}:ro
-      - "./acme.json:/acme.json"
+      - ./acme.json:${ACME_JSON}
-      - traefik_logs:/var/log/traefik
+      - traefik_logs:${TRAEFIK_LOGS}
     labels:
-      - "traefik.enable=true"
+      - traefik.enable=${TRAEFIK_ENABLE}
-
       # Catch all HTTP trafic and redirect it to HTTPS
-      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
+      - traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
-      - "traefik.http.routers.http-catchall.entrypoints=web"
+      - traefik.http.routers.http-catchall.entrypoints=${HTTP_CATCHALL_ENTRYPOINTS}
-      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
-      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
-
       # Traefik Dashboard route
-      - "traefik.http.routers.traefik-dashboard.rule=Host(`traefik.yourdomain.tld`)"
+      - traefik.http.routers.traefik-dashboard.rule=Host(`${TRAEFIK_DASHBOARD_DOMAIN}`)
-      - "traefik.http.routers.traefik-dashboard.entrypoints=websecure"
+      - traefik.http.routers.traefik-dashboard.service=${TRAEFIK_DASHBOARD_SERVICE}
-      - "traefik.http.routers.traefik-dashboard.tls.certresolver=leresolver"
-      - "traefik.http.routers.traefik-dashboard.service=api@internal"
     profiles: [$TRAEFIK_PROFILES]
 
-
   letsencrypt:
     image: nginxproxy/acme-companion:${ACME_COMPANION_TAG}
     depends_on: