Customize main docker compose and traefik config
In this guide, we'll show you how to customize the default docker compose file of tipi and the traefik config.
This guide is for advanced users who are familiar with docker and traefik. If you break the config we won't be able to support you.
Example use cases
- Enable the traefik dashboard
- Add an extra volume to the worker/dashboard containers
- Use a dns challenge with traefik
Create a custom docker compose file
In this example we will expose the traefik dashboard by editing the main tipi compose file.
Firstly we need to figure out what port traefik dashboard uses (which is 8080) and what is the name of the docker container of traefik (which we can learn from the docker-compose.yml
) which is runtipi-reverse-proxy
in this case.
Don't edit the docker-compose.yml
file directly because it will be overwritten in every restart
of tipi.
- Create the file
tipi-compose.yml
in theuser-config
directory within theruntipi
folder.
nano user-config/tipi-compose.yml
- You should have this file structure:
- tipi-compose.yml
- Restart tipi and test the changes
./runtipi-cli restart
After restarting you should be able to see the traefik dashboard by visiting localhost (opens in a new tab) (in your tipi server)
Edit the traefik config file
In this example we will use a dns challenge in traefik using cloudflare.
Firstly we need to figure out what changes we should do. Very helpful can be the docs of traefik here (opens in a new tab), specifically we are interested in this (opens in a new tab) section and in this (opens in a new tab) config.
The default traefik config is this:
api:
dashboard: true
insecure: true
providers:
docker:
endpoint: 'unix:///var/run/docker.sock'
watch: true
exposedByDefault: false
file:
directory: /root/.config/dynamic
watch: true
entryPoints:
web:
address: ':80'
websecure:
address: ':443'
http:
tls:
certResolver: myresolver
certificatesResolvers:
myresolver:
acme:
email: acme@thisprops.com
storage: /shared/acme.json
httpChallenge:
entryPoint: web
log:
level: ERROR
So according to traefik we need to change the certificatesResolvers
and include the cloudflare config. So after editing we should have something like this:
api:
dashboard: true
insecure: true
providers:
docker:
endpoint: 'unix:///var/run/docker.sock'
watch: true
exposedByDefault: false
file:
directory: /root/.config/dynamic
watch: true
entryPoints:
web:
address: ':80'
websecure:
address: ':443'
http:
tls:
certResolver: myresolver
certificatesResolvers:
myresolver:
acme:
email: acme@thisprops.com
storage: /shared/acme.json
dnsChallenge:
provider: cloudflare
delayBeforeCheck: 0
resolvers:
- '1.1.1.1:53'
- '8.8.8.8:53'
log:
level: ERROR
Also we will need to use the previous step here and add this:
version: '3.9'
services:
tipi-reverse-proxy:
environment:
- CF_DNS_API_TOKEN=sometoken
Make sure to replace the previous content of the tipi-compose.yml
or add the extra changes in
one yaml scheme else docker won't work.
- Now we can edit the traefik file
nano traefik/traefik.yml
- Add your changes
So in this case we can either replace either everything or just the certificatesResolvers
part.
- Restart your tipi and the traefik config should be persisted
./runtipi-cli restart