Traefik Configuration

Traefik is a "modern HTTP reverse proxy and load balancer that makes deploying microservices easy." Among other things, Traefik can automatically discover applications like ActivityInfo that you have deployed with Docker, and automatically configure routing and an SSL certificate.

Install and configure Traefik

Digital Ocean provides a complete guide to deploying and starting Traefik on Ubuntu 20.04. Follow the instructions in this article if you do not yet have Traefik running.

Configure the ActivityInfo service

The following Docker Compose file configures the ActivityInfo server. It also runs the official clamav/clamav image as a sidecar so that ActivityInfo can scan uploaded attachments for malware (see Malware scanning with ClamAV). Save the following configuration to a file named docker-compose.yaml.

version: "3"
networks:
  web:
    external: true

services:
  clamav:
    image: clamav/clamav:stable
    volumes:
      - clamav:/var/lib/clamav
    networks:
      - web

  activityinfo:
    image: activityinfo/activityinfo:5.0.0
    volumes:
      - activityinfo:/data
    labels:
      - traefik.http.routers.activityinfo.rule=Host(`activityinfo.example.gov`)
      - traefik.http.routers.activityinfo.tls=true
      - traefik.http.routers.activityinfo.tls.certresolver=lets-encrypt
      - traefik.port=80
    environment:
      - ACTIVITYINFO_SERVER_HTTPS_PROXY=TRUE
      - ACTIVITYINFO_SERVER_DOMAIN=activityinfo.example.gov
      - ACTIVITYINFO_MALWARE_ENABLED=true
      - ACTIVITYINFO_MALWARE_HOST=clamav
      - ACTIVITYINFO_MALWARE_PORT=3310
    networks:
      - web
volumes:
  activityinfo:
  clamav:

ActivityInfo reaches the scanner over the shared web Docker network using its service-name DNS (clamav on port 3310). The clamav service carries no Traefik labels, so it stays internal and is not exposed to the Internet.

On first start the clamav/clamav image downloads its signature database, which can take a few minutes. While it is downloading, newly-uploaded attachments remain Pending and ActivityInfo automatically scans them once ClamAV is ready, so no startup ordering between the two services is required. If you do not want malware scanning, remove the clamav service and the three ACTIVITYINFO_MALWARE_* environment variables, and set ACTIVITYINFO_MALWARE_ENABLED=false.

To start the service, change to the directory in which the Docker compose file is located and run:

docker-compose up -d
Next item
Update your license key