style: reorder labels

11notes · 11notes · commit a80770efb680 · 2025-07-25T00:21:29.000+02:00
diff --git a/compose.yaml b/compose.yaml
@@ -3,7 +3,7 @@ services:
   socket-proxy:
     # this image is used to expose the docker socket as read-only to traefik
     # you can check https://github.com/11notes/docker-socket-proxy for all details
-    image: "11notes/socket-proxy:2.1.2"
+    image: "11notes/socket-proxy:2.1.3"
     read_only: true
     user: "0:108" 
     environment:
@@ -21,16 +21,12 @@ services:
     image: "11notes/traefik:3.5.0"
     read_only: true
     labels:
-      # read Traefiks own labels
       - "traefik.enable=true"
 
-      # example on how to secure the traefik dashboard and api
-      - "traefik.http.routers.dashboard.rule=Host(`${TRAEFIK_FQDN}`)"
-      - "traefik.http.routers.dashboard.service=api@internal"
-      - "traefik.http.routers.dashboard.middlewares=dashboard-auth"
-      - "traefik.http.routers.dashboard.entrypoints=https"
-      # admin / traefik, please change!
-      - "traefik.http.middlewares.dashboard-auth.basicauth.users=admin:$$2a$$12$$ktgZsFQZ0S1FeQbI1JjS9u36fAJMHDQaY6LNi9EkEp8sKtP5BK43C"
+      # default errors middleware
+      - "traefik.http.middlewares.default-errors.errors.status=402-599"
+      - "traefik.http.middlewares.default-errors.errors.query=/{status}"
+      - "traefik.http.middlewares.default-errors.errors.service=default-errors"
 
       # default ratelimit
       - "traefik.http.middlewares.default-ratelimit.ratelimit.average=100"
@@ -43,6 +39,14 @@ services:
       # default allowlist
       - "traefik.http.middlewares.default-ipallowlist-RFC1918.ipallowlist.sourcerange=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
 
+      # example on how to secure the traefik dashboard and api
+      - "traefik.http.routers.dashboard.rule=Host(`${TRAEFIK_FQDN}`)"
+      - "traefik.http.routers.dashboard.service=api@internal"
+      - "traefik.http.routers.dashboard.middlewares=dashboard-auth"
+      - "traefik.http.routers.dashboard.entrypoints=https"
+      # admin / traefik, please change!
+      - "traefik.http.middlewares.dashboard-auth.basicauth.users=admin:$$2a$$12$$ktgZsFQZ0S1FeQbI1JjS9u36fAJMHDQaY6LNi9EkEp8sKtP5BK43C"
+
       # default catch-all router
       - "traefik.http.routers.default.rule=HostRegexp(`.+`)"
       - "traefik.http.routers.default.priority=1"
@@ -58,11 +62,6 @@ services:
       - "traefik.http.routers.default-http.middlewares=default-http"
       - "traefik.http.routers.default-http.service=default-http"
       - "traefik.http.services.default-http.loadbalancer.passhostheader=true"
-
-      # default errors middleware
-      - "traefik.http.middlewares.default-errors.errors.status=402-599"
-      - "traefik.http.middlewares.default-errors.errors.query=/{status}"
-      - "traefik.http.middlewares.default-errors.errors.service=default-errors"
     environment:
       TZ: "Europe/Zurich"
     command:
@@ -95,10 +94,9 @@ services:
       - "443:443/tcp"
     volumes:
       - "var:/traefik/var"
+      - "plugins:/traefik/plugins"
       # access docker socket via proxy read-only
       - "socket-proxy.run:/var/run"
-      # plugins stored as volume because of read-only
-      - "plugins:/plugins-storage"
     networks:
       backend:
       frontend:
@@ -109,7 +107,7 @@ services:
 
   errors:
     # this image can be used to display a simple error message since Traefik can’t serve content
-    image: "11notes/traefik:3.5.0"
+    image: "11notes/traefik:errors"
     read_only: true
     labels:
       - "traefik.enable=true"
