ITISFoundation
diff --git a/‎services/traefik/Makefile‎
Lines changed: 8 additions & 28 deletions b/‎services/traefik/Makefile‎
Lines changed: 8 additions & 28 deletions
diff --git a/‎services/traefik/docker-compose.aws.yml‎
Lines changed: 0 additions & 54 deletions b/‎services/traefik/docker-compose.aws.yml‎
Lines changed: 0 additions & 54 deletions
diff --git a/‎services/traefik/docker-compose.dalco.yml‎
Lines changed: 0 additions & 42 deletions b/‎services/traefik/docker-compose.dalco.yml‎
Lines changed: 0 additions & 42 deletions
diff --git a/‎services/traefik/docker-compose.letsencrypt.dns.yml.j2‎
Lines changed: 0 additions & 19 deletions b/‎services/traefik/docker-compose.letsencrypt.dns.yml.j2‎
Lines changed: 0 additions & 19 deletions
diff --git a/‎services/traefik/docker-compose.letsencrypt.http.yml‎
Lines changed: 0 additions & 44 deletions b/‎services/traefik/docker-compose.letsencrypt.http.yml‎
Lines changed: 0 additions & 44 deletions
diff --git a/‎services/traefik/docker-compose.master.yml‎
Lines changed: 0 additions & 41 deletions b/‎services/traefik/docker-compose.master.yml‎
Lines changed: 0 additions & 41 deletions
diff --git a/‎services/traefik/docker-compose.public.yml‎
Lines changed: 0 additions & 43 deletions b/‎services/traefik/docker-compose.public.yml‎
Lines changed: 0 additions & 43 deletions
diff --git a/‎services/traefik/docker-compose.yml.j2‎
Lines changed: 7 additions & 40 deletions b/‎services/traefik/docker-compose.yml.j2‎
Lines changed: 7 additions & 40 deletions
@@ -56,53 +56,33 @@ ${TEMP_COMPOSE}-local: docker-compose.yml docker-compose.local.yml .env
 	set +o allexport; \
 	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< docker-compose.local.yml  > $@
 
-.PHONY: ${TEMP_COMPOSE}-letsencrypt-http
-${TEMP_COMPOSE}-letsencrypt-http: docker-compose.yml docker-compose.letsencrypt.http.yml .env
-	@set -o allexport; \
-	source .env; \
-	set +o allexport; \
-	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< docker-compose.letsencrypt.http.yml > $@
-
-.PHONY: ${TEMP_COMPOSE}-letsencrypt-dns
-${TEMP_COMPOSE}-letsencrypt-dns: docker-compose.yml docker-compose.letsencrypt.dns.yml .env
-	@set -o allexport; \
-	source .env; \
-	set +o allexport; \
-	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< docker-compose.letsencrypt.dns.yml > $@
-
 .PHONY: ${TEMP_COMPOSE}-aws
-${TEMP_COMPOSE}-aws: docker-compose.yml docker-compose.aws.yml .env
+${TEMP_COMPOSE}-aws: docker-compose.yml .env
 	@set -o allexport; \
 	source .env; \
 	set +o allexport; \
-	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< docker-compose.aws.yml > $@
+	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< > $@
 
 .PHONY: ${TEMP_COMPOSE}-dalco
-${TEMP_COMPOSE}-dalco: docker-compose.yml docker-compose.dalco.yml .env
+${TEMP_COMPOSE}-dalco: docker-compose.yml .env
 	@set -o allexport; \
 	source .env; \
 	set +o allexport; \
-	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< docker-compose.dalco.yml > $@
+	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< > $@
 
 .PHONY: ${TEMP_COMPOSE}-public
-${TEMP_COMPOSE}-public: docker-compose.yml docker-compose.public.yml .env
+${TEMP_COMPOSE}-public: docker-compose.yml .env
 	@set -o allexport; \
 	source .env; \
 	set +o allexport; \
-	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< docker-compose.public.yml > $@
+	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< > $@
 
 .PHONY: ${TEMP_COMPOSE}-master
-${TEMP_COMPOSE}-master: docker-compose.yml docker-compose.master.yml .env
+${TEMP_COMPOSE}-master: docker-compose.yml .env
 	@set -o allexport; \
 	source .env; \
 	set +o allexport; \
-	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< docker-compose.master.yml > $@
-
-.PHONY: docker-compose.letsencrypt.dns.yml
-docker-compose.letsencrypt.dns.yml: .venv .env
-	@$(call jinja, docker-compose.letsencrypt.dns.yml.j2, .env, docker-compose.letsencrypt.dns.yml.unlinted) && \
-	$(_yq) docker-compose.letsencrypt.dns.yml.unlinted > docker-compose.letsencrypt.dns.yml; \
-	rm docker-compose.letsencrypt.dns.yml.unlinted >/dev/null 2>&1;
+	${REPO_BASE_DIR}/scripts/docker-stack-config.bash -e .env $< > $@
 
 .PHONY: docker-compose.yml
 docker-compose.yml: traefik_dynamic_config.yml .venv .env
 
@@ -4,45 +4,7 @@ services:
   traefik:
     image: "traefik:v3.1.2@sha256:ec1a82940b8e00eaeef33fb4113aa1d1573b2ebb6440e10c023743fe96f08475"
     init: true
-    command:
-      - "--api=true"
-      - "--api.dashboard=true"
-      - "--accesslog=true"
-      - "--accesslog.format=json"
-      - "--accesslog.fields.defaultmode=keep"
-      - "--accesslog.fields.names.ClientUsername=keep"
-      - "--accesslog.fields.headers.defaultmode=keep"
-      - "--accesslog.fields.headers.names.User-Agent=keep"
-      - "--accesslog.fields.headers.names.Authorization=drop"
-      - "--accesslog.fields.headers.names.Content-Type=keep"
-      - "--log.level=${OPS_TRAEFIK_LOGLEVEL}"
-      - "--metrics.prometheus=true"
-      - "--metrics.prometheus.addEntryPointsLabels=true"
-      - "--metrics.prometheus.addServicesLabels=true"
-      - "--entryPoints.metrics.address=:8082"
-      - "--metrics.prometheus.entryPoint=metrics"
-      - "--entryPoints.http.address=:80"
-      - "--entryPoints.http.transport.respondingTimeouts.idleTimeout=21600s" #6h, for https://github.com/traefik/traefik/issues/10805
-      - "--entryPoints.http.transport.respondingTimeouts.writeTimeout=21600s" #6h, for https://github.com/traefik/traefik/issues/10805
-      - "--entryPoints.http.transport.respondingTimeouts.readTimeout=21600s" #6h, for https://github.com/traefik/traefik/issues/10805
-      - "--entrypoints.http.http.redirections.entrypoint.to=https"
-      - "--entrypoints.http.http.redirections.entrypoint.scheme=https"
-      - "--entrypoints.http.http.redirections.entrypoint.permanent=true"
-      - '--entryPoints.postgres.address=:5432'
-      - '--entryPoints.postgres2.address=:5433'
-      - "--entryPoints.https.address=:443"
-      - "--entryPoints.https.transport.respondingTimeouts.idleTimeout=21600s" #6h, for https://github.com/traefik/traefik/issues/10805
-      - "--entryPoints.https.transport.respondingTimeouts.writeTimeout=21600s" #6h, for https://github.com/traefik/traefik/issues/10805
-      - "--entryPoints.https.transport.respondingTimeouts.readTimeout=21600s" #6h, for https://github.com/traefik/traefik/issues/10805
-      - "--providers.swarm.endpoint=unix:///var/run/docker.sock"
-      - "--providers.swarm.exposedByDefault=false"
-      # so that internal services are not picked up
-      - "--providers.swarm.constraints=!LabelRegex(`io.simcore.zone`, `${TRAEFIK_SIMCORE_ZONE}`)"
-      - "--core.defaultRuleSyntax=v2"
-      - "--tracing=true"
-      - "--tracing.addinternals"
-      - "--tracing.otlp=true"
-      - "--tracing.otlp.http=true"
+    dns: 8.8.8.8
     ports:
       - target: 80
         published: 80
@@ -62,6 +24,7 @@ services:
     volumes:
       # So that Traefik can listen to the Docker events
       - /var/run/docker.sock:/var/run/docker.sock
+      - /etc/traefik_certs:/etc/traefik_certs
     deploy:
       # mode: global
       replicas: ${OPS_TRAEFIK_REPLICAS}
@@ -79,6 +42,7 @@ services:
           cpus: '1.000'
       placement:
         constraints:
+          - node.labels.traefik==true
           - node.role == manager
       labels:
         - traefik.enable=true
@@ -183,12 +147,15 @@ services:
         - traefik.http.routers.{{ from_domain_no_dots }}.tls=true
 
 {% endfor %}
-
+    env_file:
+        - .env
     networks:
       public: null
       monitored: null
   whoami:
     image: "containous/whoami"
+    dns: # Add this always for AWS, otherwise we get "No such image: " for docker services
+            8.8.8.8
     deploy:
       placement:
         constraints: