version: '3' services: mgmt: image: portainer/portainer-ce:2.15.0-alpine container_name: portainer hostname: mgmt restart: unless-stopped security_opt: - no-new-privileges:true networks: - proxy volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - /root/portainer/data:/data labels: - "traefik.enable=true" - "traefik.http.routers.portainer.entrypoints=http" - "traefik.http.routers.portainer.rule=Host(`mgmt.office.kh3group.com`)" - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.portainer.middlewares=portainer-https-redirect" - "traefik.http.routers.portainer-secure.rule=Host(`mgmt.office.kh3group.com`)||Host(`mgmt.kh3group.com`)" - "traefik.http.routers.portainer-secure.tls=true" - "traefik.http.routers.portainer-secure.service=portainer" - "traefik.http.services.portainer.loadbalancer.server.port=9000" - "traefik.docker.network=proxy" - "com.github.SnowMB.traefik-certificate-extractor.restart_domain=office.kh3group.com" networks: proxy: external: true