Documentation
Guides
Customize tipi compose and traefik config

Customize main docker compose and traefik config

Overview

In this guide, we'll show you how to customize the default docker compose file of tipi and the traefik config.

Example use cases

  • Enable the traefik dashboard
  • Add an extra volume to the worker/dashboard containers
  • Use a dns challenge with traefik

Create a custom docker compose file

In this example we will expose the traefik dashboard by editing the main tipi compose file.

Firstly we need to figure out what port traefik dashboard uses (which is 8080) and what is the name of the docker container of traefik (which we can learn from the docker-compose.yml) which is tipi-reverse-proxy in this case.

💡

Don't edit the docker-compose.yml file directly because it will be overwritten in every restart of tipi.

  1. Create the file tipi-compose.yml in the user-config directory within the runtipi folder.
nano user-config/tipi-compose.yml
  1. You should have this file structure:
      • tipi-compose.yml
    1. Restart tipi and test the changes
    ./runtipi-cli restart

    After restarting you should be able to see the traefik dashboard by visiting localhost (opens in a new tab) (in your tipi server)

    Edit the traefik config file

    In this example we will use a dns challenge in traefik using cloudflare.

    Firstly we need to figure out what changes we should do. Very helpful can be the docs of traefik here (opens in a new tab), specifically we are interested in this (opens in a new tab) section and in this (opens in a new tab) config.

    The default traefik config is this:

    api:
      dashboard: true
      insecure: true
     
    providers:
      docker:
        endpoint: 'unix:///var/run/docker.sock'
        watch: true
        exposedByDefault: false
      file:
        directory: /root/.config/dynamic
        watch: true
     
    entryPoints:
      web:
        address: ':80'
      websecure:
        address: ':443'
        http:
          tls:
            certResolver: myresolver
     
    certificatesResolvers:
      myresolver:
        acme:
          email: acme@thisprops.com
          storage: /shared/acme.json
          httpChallenge:
            entryPoint: web
     
    log:
      level: ERROR

    So according to traefik we need to change the certificatesResolvers and include the cloudflare config. So after editing we should have something like this:

    api:
      dashboard: true
      insecure: true
     
    providers:
      docker:
        endpoint: 'unix:///var/run/docker.sock'
        watch: true
        exposedByDefault: false
      file:
        directory: /root/.config/dynamic
        watch: true
     
    entryPoints:
      web:
        address: ':80'
      websecure:
        address: ':443'
        http:
          tls:
            certResolver: myresolver
     
    certificatesResolvers:
      myresolver:
        acme:
          email: acme@thisprops.com
          storage: /shared/acme.json
          dnsChallenge:
            provider: cloudflare
            delayBeforeCheck: 0
            resolvers:
              - '1.1.1.1:53'
              - '8.8.8.8:53'
     
    log:
      level: ERROR

    Also we will need to use the previous step here and add this:

    version: '3.9'
    services:
      tipi-reverse-proxy:
        environment:
          - CF_DNS_API_TOKEN=sometoken
    💡

    Make sure to replace the previous content of the tipi-compose.yml or add the extra changes in one yaml scheme else docker won't work.

    1. Now we can edit the traefik file
    nano traefik/traefik.yml
    1. Add your changes

    So in this case we can either replace either everything or just the certificatesResolvers part.

    1. Restart your tipi and the traefik config should be persisted
    ./runtipi-cli restart