From 1e69c09b9b1469a0e3fc4566bd9422bf8c6fc7fb Mon Sep 17 00:00:00 2001
From: Torben Brenner <t.brenner@dkfz-heidelberg.de>
Date: Wed, 2 Mar 2022 09:45:33 +0100
Subject: [PATCH] feature: Added https support to traefik

---
 certs/README.md             | 6 ++++++
 dktk-fed/docker-compose.yml | 3 +++
 dktk-fed/traefik.yml        | 4 ++++
 3 files changed, 13 insertions(+)
 create mode 100644 certs/README.md
 create mode 100644 dktk-fed/traefik.yml

diff --git a/certs/README.md b/certs/README.md
new file mode 100644
index 0000000..12f86aa
--- /dev/null
+++ b/certs/README.md
@@ -0,0 +1,6 @@
+Drop in directory for certificates.
+You can generate the necessary certs with:
+
+``` shell
+openssl req -x509 -newkey rsa:4096 -keyout certs/traefik.key -out certs/treafik.crt -days 365
+```
diff --git a/dktk-fed/docker-compose.yml b/dktk-fed/docker-compose.yml
index 4939449..c0b9434 100644
--- a/dktk-fed/docker-compose.yml
+++ b/dktk-fed/docker-compose.yml
@@ -9,11 +9,14 @@ services:
       - --entrypoints.web.address=:80
       - --entrypoints.web-secure.address=:443
       - --providers.docker=true
+      - --providers.file.directory=/etc/traefik/dynamic_conf
     ports:
       - 80:80
       - 443:443
       - 8080:8080
     volumes:
+      - ../certs:/tools/certs
+      - ./traefik.yml:/etc/traefik/dynamic_conf/traefik.yml:ro
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - ../auth/:/auth
     extra_hosts:
diff --git a/dktk-fed/traefik.yml b/dktk-fed/traefik.yml
new file mode 100644
index 0000000..d3c2c5b
--- /dev/null
+++ b/dktk-fed/traefik.yml
@@ -0,0 +1,4 @@
+tls:
+  certificates:
+    - certFile: /tools/certs/traefik.crt
+      keyFile: /tools/certs/traefik.key