swarm-production/stacks/core/traefik/stack.yml

services:
  traefik:
    image: traefik:v3.5.4
    # Remove all command arguments - using static config file instead
    ports:
    - 80:80
    - 443:443
    - 8080:8080
    environment:
    - CF_DNS_API_TOKEN_FILE=/run/secrets/cloudflare_api_token
    volumes:
    - /var/run/docker.sock:/var/run/docker.sock:ro
    - /home/doc/projects/swarm/conf/traefik-conf/static.yml:/etc/traefik/traefik.yml:ro
    - /home/doc/projects/swarm/conf/traefik-conf/dynamic.yml:/etc/traefik/dynamic/dynamic.yml:rw
    - /home/doc/projects/swarm-data/appdata/traefik/certificates:/certificates
    secrets:
    - cloudflare_api_token
    networks:
    - homelab
    healthcheck:
      test: [ "CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/ping" ]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 30s
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints:
          - node.hostname == p0

networks:
  homelab:
    external: true

secrets:
  cloudflare_api_token:
    external: true