From 0c9dda690d7af991a54182010e00fd02939b47a3 Mon Sep 17 00:00:00 2001
From: Michael Pilosov <mpilosov@gmail.com>
Date: Wed, 2 Jan 2019 03:41:11 +0000
Subject: [PATCH] not working but i am about to try something different.

---
 .env               |  3 +++
 Makefile           |  6 ++----
 docker-compose.yml | 36 ++++++++++++++++++++++++++++++++++++
 traefik.toml       | 29 +++++++++++++++++++++++++++++
 4 files changed, 70 insertions(+), 4 deletions(-)
 create mode 100644 traefik.toml

diff --git a/.env b/.env
index c9e5134..14d3861 100644
--- a/.env
+++ b/.env
@@ -6,6 +6,9 @@
 # values for environment variables in the configuration file IF the variables
 # are not set in the shell environment.
 
+EMAIL=consistentbayes@gmail.com
+DOMAIN_NAME=consistentbayes.com
+
 # To override these values, set the shell environment variables.
 JUPYTERHUB_VERSION=0.9.4
 
diff --git a/Makefile b/Makefile
index 13d6a0f..7ce8fa5 100644
--- a/Makefile
+++ b/Makefile
@@ -7,14 +7,12 @@ include .env
 
 network:
 	@docker network inspect $(DOCKER_NETWORK_NAME) >/dev/null 2>&1 || docker network create $(DOCKER_NETWORK_NAME)
+	@docker network inspect traefik-network >/dev/null 2>&1 || docker network create traefik-network
 
 volumes:
 	@docker volume inspect $(DATA_VOLUME_HOST) >/dev/null 2>&1 || docker volume create --name $(DATA_VOLUME_HOST)
 	@docker volume inspect $(DB_VOLUME_HOST) >/dev/null 2>&1 || docker volume create --name $(DB_VOLUME_HOST)
 
-self-signed-cert:
-	# make a self-signed cert
-
 secrets/postgres.env:
 	@echo "Generating postgres password in $@"
 	@echo "POSTGRES_PASSWORD=$(shell openssl rand -hex 32)" > $@
@@ -49,7 +47,7 @@ userlist:
 #	cert_files=
 #endif
 
-check-files: userlist secrets/acme.json secrets/oauth.env secrets/postgres.env public_html/index.html
+check-files: userlist secrets/acme.json secrets/oauth.env secrets/postgres.env public_html/index.html traefik.toml
 
 pull:
 	docker pull $(DOCKER_NOTEBOOK_IMAGE)
diff --git a/docker-compose.yml b/docker-compose.yml
index d498c23..80078a2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,6 +16,8 @@ services:
       - secrets/postgres.env
     volumes:
       - "db:${DB_VOLUME_CONTAINER}"
+    networks:
+      - traefik-network
 
   hub:
     depends_on:
@@ -36,6 +38,11 @@ services:
       - "data:${DATA_VOLUME_CONTAINER}"
     ports:
       - "8000:8000"
+    networks:
+      - traefik-network
+    labels:
+      - "traefik.enable=true"
+      - "traefik.frontend.rule=Host:hub.docker.localhost"
     links:
       - hub-db
     environment:
@@ -56,6 +63,33 @@ services:
     command: >
       jupyterhub -f /srv/jupyterhub/jupyterhub_config.py
 
+  reverse-proxy:
+    image: traefik:latest
+    container_name: reverse-proxy
+    command: --web --docker --docker.domain=docker.localhost --logLevel=DEBUG
+    networks:
+      - traefik-network
+    ports:
+      - 80:80
+      - 443:443
+      - 8080:8080
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./traefik.toml:/traefik.toml
+      - ./secrets/acme.json:/acme.json
+          
+
+  nginx:
+    image: nginx:latest
+    container_name: nginx
+    labels:
+      - "traefik.enable=true"
+      - "traefik.frontend.rule=Host:www.docker.localhost"
+    networks:
+      - traefik-network
+    volumes:
+      - ./public_html:/usr/share/nginx/html
+
 volumes:
   data:
     external:
@@ -68,3 +102,5 @@ networks:
   default:
     external:
       name: ${DOCKER_NETWORK_NAME}
+  traefik-network:
+    external: true
diff --git a/traefik.toml b/traefik.toml
new file mode 100644
index 0000000..a305ccd
--- /dev/null
+++ b/traefik.toml
@@ -0,0 +1,29 @@
+logLevel = "DEBUG"
+defaultEntryPoints = ["http", "https"]
+
+[web]
+address = ":8080"
+
+[docker]
+domain ="docker.localhost"
+watch = true
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+    entryPoint = "https"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+ 
+[acme]
+  email="consistentbayes@gmail.com"
+  storage="acme.json"
+  entryPoint="https"
+  acmeLogging=true
+  onDemand=true
+  OnHostRule=true
+
+[acme.httpChallenge]
+  entryPoint = "http"