services: traefik: image: traefik:v3.2 user: "{{ docker_user.id }}" environment: - CF_DNS_API_TOKEN={{ vault_cloudflare_api_token }} - GANDIV5_API_KEY={{ vault_gandi_api_key }} volumes: - ./traefik:/etc/traefik restart: unless-stopped ports: - 80:80 - 443:443 - "{{ private_ip }}:8080:8080" depends_on: - docker_proxy networks: - default - traefik - proxy_private docker_proxy: image: lscr.io/linuxserver/socket-proxy:latest restart: unless-stopped environment: - CONTAINERS=1 - INFO=1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro networks: - proxy_private tmpfs: - /run logging: driver: none certs: image: slocomptech/traefik-cert-extract:latest restart: unless-stopped networks: [] volumes: - ./traefik:/data:ro - ./certs:/config/certs logging: driver: none networks: traefik: external: true proxy_private: internal: true