40 lines
1.4 KiB
YAML
Executable File
40 lines
1.4 KiB
YAML
Executable File
# ==============================================================================
|
|
# OGNIRNAS - PORTAINER CE (GESTIÓN DE CONTENEDORES)
|
|
# ==============================================================================
|
|
# Última revisión: 2026-01-06
|
|
# Propietario: Ognir (UID 1032 / GID 100)
|
|
# NOTA: Sin Auth de Traefik (usa su propio login interno).
|
|
# ==============================================================================
|
|
|
|
version: "3.9"
|
|
|
|
services:
|
|
portainer:
|
|
image: portainer/portainer-ce:latest
|
|
container_name: portainer
|
|
restart: always
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
networks:
|
|
services-internal-net: {}
|
|
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro # Conexión al socket para gestión
|
|
- /volume1/docker/data/portainer:/data # Datos persistentes
|
|
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.portainer.rule=Host(`portainer.ognir-server.synology.me`)"
|
|
- "traefik.http.routers.portainer.entrypoints=websecure"
|
|
- "traefik.http.routers.portainer.tls=true"
|
|
- "traefik.http.routers.portainer.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
|
|
# --- MIDDLEWARES (SOLO CABECERAS, SIN AUTH) ---
|
|
- "traefik.http.routers.portainer.middlewares=security-headers@file"
|
|
|
|
networks:
|
|
services-internal-net:
|
|
external: true
|