Traefik geoblock

     # Installs the plugin
      - "--experimental.plugins.geoblock.modulename=github.com/PascalMinder/geoblock"
      - "--experimental.plugins.geoblock.version=v0.2.8"

      - "--entrypoints.websecure.http.middlewares=my-geoblock@file"

version: '3.3'
services:
  traefik:
    image: "traefik:latest"
    container_name: "traefik"
    restart: unless-stopped
    logging:
     driver: "json-file"
     options:
        max-size: 10m
        max-file: "5"
    command:
      - "--accesslog=true"
      - "--accesslog.filepath=/var/log/traefik/access.log"
      - "--log.filePath=/var/log//traefik/traefik.log"
      - "--log.level=DEBUG"
      - "--api.insecure=true"
     # Letsencrypt cert cloudflare
      - "--certificatesresolvers.letsencrypt.acme.email=<email>"
      - "--certificatesresolvers.letsencrypt.acme.storage=/acme/acme.json"
      - "--certificatesresolvers.letsencrypt.acme.dnsChallenge=true"
      - "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
      - "--certificatesresolvers.letsencrypt.acme.dnschallenge.delaybeforecheck=10"    
      # Enable the Trafik dashboard
      - "--api.dashboard=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
     # Global redirect http till https
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
      - "--entrypoints.web.http.redirections.entrypoint.permanent=true"
     # Middleware entrypoint
     # Sets the my-geoblock@file (local file provdider so all "all" sites use it)
      - "--entrypoints.websecure.http.middlewares=my-geoblock@file"
     # Installs the plugin
      - "--experimental.plugins.geoblock.modulename=github.com/PascalMinder/geoblock"
      - "--experimental.plugins.geoblock.version=v0.2.8"
     # Dynamic file folder 
      - "--providers.file.directory=/configuration"
      - "--providers.file.watch=true"
      # Disable backend ssl check
      - "--serverstransport.insecureskipverify=true"
    ports:
      - "80:80"
      - "443:443"
      # 8080 traefik dashboard
      - "8080:8080"
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock:ro'
      - 'traefik-configurations:/configuration'
      - 'traefik-logs:/var/log/traefik'
      - 'acme:/acme'
    environment:
      - "CLOUDFLARE_EMAIL=<email>"
      - "CLOUDFLARE_DNS_API_TOKEN=<token>"
      - TZ=Europe/Stockholm
    network_mode: host  
volumes:
  traefik-configurations:
  acme:
  traefik-logs:

http:
    middlewares:
        my-geoblock:
            plugin:
                geoblock:
                    allowLocalRequests: "true"
                    allowUnknownCountries: "false"
                    api: https://get.geojs.io/v1/ip/country/{ip}
                    apiTimeoutMs: "150"
                    cacheSize: "15"
                    countries:
                        - SE
                        - AX
                    forceMonthlyUpdate: "true"
                    logAllowedRequests: "false"
                    logApiRequests: "true"
                    logLocalRequests: "false"
                    silentStartUp: "false"
                    unknownCountryApiResponse: nil
                    blackListMode: false
                    httpStatusCodeDeniedRequest: 404