Jira&Docker&Traefik设置

时间:2019-02-14 14:35:19

标签: docker jira traefik

我是Traefik的首次用户,我使用Traefik和Let's Encrypt Cert成功地为Jira配置了此docker compose设置。

我的问题是,吉拉必须能够将与自己联系起来。他们有一些像小工具之类的Jira服务,可以通过JavaScript通过自己在http上的地址通过JavaScript加载数据。这种服务不适用于我。他们是描述此问题并显示解决方案的支持文档。但是我不知道如何使用Traefik / Docker正确地设置它。 https://confluence.atlassian.com/jirakb/how-to-fix-gadget-titles-showing-as-__msg_gadget-813697086.html

您的帮助会很棒。非常感谢!

version: '3'

services:

  reverse-proxy:
    image: traefik # The official Traefik docker image
    command: --docker # Enables the web UI and tells Traefik to listen to docker --api
    ports:
      - "80:80"     # The HTTP port
      - "443:443"   # The HTTPS port
      - "8081:8080" # The Web UI (enabled by --api)
    hostname: traefik
    restart: unless-stopped
    domainname: ${DOMAINNAME}
    networks:
      - frontend
      - backend
    labels:
      - "traefik.enable=false"
      - "traefik.frontend.rule=Host:traefik.${DOMAINNAME}"  
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
      - /etc/compose/traefik:/etc/traefik
      - /etc/compose/shared:/shared

  jira:
    image: dchevell/jira-software:${JIRAVERSION}
    ports:
      - 8080:8080
    networks:
      - backend
    restart: unless-stopped    
    volumes:
      - /data/files/jira/data:/var/atlassian/application-data/jira
    environment:
      - JVM_MAXIMUM_MEMORY=2048m
      - JVM_MINIMUM_MEMORY=768m
      - CATALINA_CONNECTOR_PROXYNAME=jira.${DOMAINNAME}
      - CATALINA_CONNECTOR_PROXYPORT=443
      - CATALINA_CONNECTOR_SCHEME=https
      - CATALINA_CONNECTOR_SECURE=true
    depends_on:
      - jira-postgresql
    links:
      - "jira-postgresql:database"      
    labels:
      - "traefik.enable=true"
      - "traefik.backend=jira"
      - "traefik.frontend.rule=Host:jira.${DOMAINNAME}"
      - "traefik.port=8080"

  jira-postgresql:
    image: postgres:9.6.11-alpine
    networks:
      - backend
    ports:
      - 5432:5432
    restart: unless-stopped     
    volumes:
      - /data/index/postgresql/data/:/var/lib/postgresql/data
    environment:
      - POSTGRES_PASSWORD=jira
      - POSTGRES_USER=jira
      - POSTGRES_DB=jira
    labels:
      - "traefik.enable=false"      

  # Portainer
  portainer:
    image: portainer/portainer
    container_name: portainer
    restart: always
    ports:
      - 9000:9000    
    command: -H unix:///var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./etc-portainer/data:/data
    environment:
      TZ: ${TZ}
    labels:
      - "traefik.enable=false"       

networks:
  frontend:
    external:
      name: frontend
  backend:
    driver: bridge

1 个答案:

答案 0 :(得分:0)

配置我通过安全性使用应用程序-并非超级直观,但看起来它可以正确地重定向安全流量。我已经在godaddy上使用acme来获取证书,并且在强制强制的情况下,它似乎可以通过https正常运行:

强制重定向以供参考:

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

以及我用来正确部署东西的dockerfile:

version: '3'

services:
  jira:
    image: dchevell/jira-software:8.1.0
    deploy:
      restart_policy:
        condition: on-failure
      labels:
        - traefik.frontend.rule=Host:jira.mydomain.com
        - traefik.enable=true
        - traefik.port=8080
    ports:
      - "8080"
    networks:
      - traefik-pub
      - jiranet
    environment:
      - CATALINA_CONNECTOR_PROXYNAME=jira.mydomain.com
      - CATALINA_CONNECTOR_PROXYPORT=443
      - CATALINA_CONNECTOR_SCHEME=https
      - CATALINA_CONNECTOR_SECURE=true 

  jira-postgresql:
    image: postgres:11.2-alpine
    networks:
      - jiranet
    ports:
      - "5432"  
    volumes:
      - jira-postgres-data:/var/lib/postgresql/data
    environment:
      - POSTGRES_PASSWORD=supersecret
      - POSTGRES_USER=secret_user
      - POSTGRES_DB=jira_db
    labels:
      - "traefik.enable=false"      

volumes:
  jira-postgres-data:

networks:
  traefik-pub:
    external: true
  jiranet:
    driver: overlay

这仍然需要手动配置数据库-我可能有一天会花一些时间来建立自己的jira dockerfile,该文件已经接受了数据库配置,但是通过这一工作,我看不出在预配置数据库连接需要20秒钟的额外工作,而不是重建我自己没有写的dockerfile。