From 8e6d2a055007b59a0204a9e7bee2b953b089adbb Mon Sep 17 00:00:00 2001
From: "[Mufeth7]" <smufeth7@gmail.com>
Date: Fri, 4 Apr 2025 16:27:07 +0530
Subject: [PATCH]  updated Readme file and creating  SSL using Traefikand added
 Docker-compose file in example folder

---
 README.md                                |  1 +
 docs/SSL-certificate-using-Traefik .md   | 18 +++++
 docs/examples/docker-compose-traefik.yml | 85 ++++++++++++++++++++++++
 docs/examples/docker-compose.example.yml |  2 +-
 4 files changed, 105 insertions(+), 1 deletion(-)
 create mode 100644 docs/SSL-certificate-using-Traefik .md
 create mode 100644 docs/examples/docker-compose-traefik.yml

diff --git a/README.md b/README.md
index 795eb7e3..4fc526a6 100644
--- a/README.md
+++ b/README.md
@@ -37,6 +37,7 @@ this monorepo includes source code for api, frontend, and related packages:
 
 it also includes documentation in the [docs tree](/docs/):
 - [how to run a cobalt instance](/docs/run-an-instance.md)
+- [installing SSL certificate for Instance](docs/examples/docker-compose-traefik.yml)
 - [how to protect a cobalt instance](/docs/protect-an-instance.md)
 - [cobalt api instance environment variables](/docs/api-env-variables.md)
 - [cobalt api documentation](/docs/api.md)
diff --git a/docs/SSL-certificate-using-Traefik .md b/docs/SSL-certificate-using-Traefik .md
new file mode 100644
index 00000000..72dd4a54
--- /dev/null
+++ b/docs/SSL-certificate-using-Traefik .md	
@@ -0,0 +1,18 @@
+# Create Directory in OPT
+    ```sh
+    cd /opt && mkdir traefik
+    ```
+# create acme.json file in /opt/traefik/
+    ```sh
+    touch acme.json
+    chmod 600 /opt/traefik/acme.json
+    ```
+
+# after that go to docker-compose-ssl  file copy and add domain name and Email address
+
+ [docker-compose file click here](examples/docker-compose-traefik.yml)
+
+ copy the code and paste it and chagne the domain name and email address
+
+
+after creating this Just run the docker-compose file that will automatically create SSL Certificate for that Cobalt instance
diff --git a/docs/examples/docker-compose-traefik.yml b/docs/examples/docker-compose-traefik.yml
new file mode 100644
index 00000000..2cee2810
--- /dev/null
+++ b/docs/examples/docker-compose-traefik.yml
@@ -0,0 +1,85 @@
+services:
+  traefik:
+    image: traefik:v2.10
+    container_name: traefik
+    restart: always
+    ports:
+      - "80:80"
+      - "443:443"
+ #     - "8080:8080"                    you want dashboard then uncomment this 
+    command:
+      - "--api.insecure=true"
+#      - "--api.dashboard=true"         you want dashboard then uncomment this 
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
+      - "--entrypoints.websecure.address=:443"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
+      - "--certificatesresolvers.myresolver.acme.email= add your email "  #add your email
+      - "--certificatesresolvers.myresolver.acme.storage=/acme.json"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /opt/traefik/acme.json:/acme.json
+    networks:
+      - web
+
+  cobalt-api:
+    image: ghcr.io/imputnet/cobalt:10
+    container_name: cobalt-api
+    init: true
+    read_only: true
+    restart: unless-stopped
+    depends_on:
+      - traefik
+    expose:
+      - 9000
+    environment:
+      # replace https://api.url.example/ with your instance's url
+      # or else tunneling functionality won't work properly
+      API_URL: "https://api.url.example/"
+      # if you want to use cookies for fetching data from services,
+      # uncomment the next line & volumes section
+      # COOKIE_PATH: "/cookies.json"
+
+      # it's recommended to configure bot protection or api keys if the instance is public,
+      # see /docs/protect-an-instance.md for more info
+
+      # see /docs/run-an-instance.md for more variables that you can use here
+    labels:
+      - "com.centurylinklabs.watchtower.scope=cobalt"
+      - "traefik.enable=true"
+      - "traefik.http.routers.cobalt.rule=Host(`Remove and add your domain name`)"  #add your domain name
+      - "traefik.http.routers.cobalt.entrypoints=websecure"
+      - "traefik.http.routers.cobalt.tls=true"
+      - "traefik.http.routers.cobalt.tls.certresolver=myresolver"
+      - "traefik.http.services.cobalt.loadbalancer.server.port=9000"
+    # uncomment only if you use the COOKIE_PATH variable
+    # volumes:
+        # - ./cookies.json:/cookies.json
+    networks:
+      - web
+
+  watchtower:
+    image: ghcr.io/containrrr/watchtower
+    container_name: watchtower
+    restart: unless-stopped
+    command: --cleanup --scope cobalt --interval 900 --include-restarting
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - web
+  
+  # if needed, use this image for automatically generating poToken & visitor_data
+  # yt-session-generator:
+  #   image: ghcr.io/imputnet/yt-session-generator:webserver
+  #   init: true
+  #   restart: unless-stopped
+  #   container_name: yt-session-generator
+  #   ports:
+  #       - 127.0.0.1:1280:8080
+networks:
+  web:
+    driver: bridge
diff --git a/docs/examples/docker-compose.example.yml b/docs/examples/docker-compose.example.yml
index b2ad73c1..87516c44 100644
--- a/docs/examples/docker-compose.example.yml
+++ b/docs/examples/docker-compose.example.yml
@@ -50,4 +50,4 @@ services:
     #     restart: unless-stopped
     #     container_name: yt-session-generator
     #     labels:
-    #       - com.centurylinklabs.watchtower.scope=cobalt
+    #       - com.centurylinklabs.watchtower.scope=cobalt
\ No newline at end of file