Wednesday, October 8, 2025

Docker running Neo4j with traefik routing browser (:7474) and Bolt (:7687) using cloudflare ddns and letsencrypt (cloudflare and letsencrypt configs are not shown)

 Here is my traefik / dynamic / neo4j-mydomain-bolt.yaml file:

tcp:
  routers:
    mydomain-neo4j-bolt-router:
      entryPoints:
        - bolt
      rule: "HostSNI(`bolt.mydomain.com`)"
      service: mydomain-neo4j-bolt-service
      tls:
        certResolver: cloudflare

  services:
    mydomain-neo4j-bolt-service:
      loadBalancer:
        servers:
          - address: "172.16.5.74:7687"

here is my traefik/dynamic/neo4j-browser-mydomain.yaml file:

http:
  routers:
    sandbox-neo4j-browser-ui-router:
      entryPoints:
        - websecure
      rule: "Host(`sandbox.mydomain.com`)"
      service: sandbox-neo4j-browser-service
      tls:
        certResolver: cloudflare

  services:
    sandbox-neo4j-browser-service:
      loadBalancer:
        servers:
          - url: "http://172.16.5.74:7474"

my /traefik.yml file:

entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"
    http:
      tls:
        options: tls-options
  bolt:
    address: ":7687"

tls:
  options:
    tls-options:
      minVersion: VersionTLS12

api:
  dashboard: true
  insecure: false

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    directory: /etc/traefik/dynamic
    watch: true

log:
  level: DEBUG

certificatesResolvers:
  cloudflare:
    acme:
      email: me@mydomain.com
      storage: /acme.json
      dnsChallenge:
        provider: cloudflare
        delayBeforeCheck: 0
        resolvers:
          - "1.1.1.1:53"
          - "8.8.8.8:53"

And Finally my docker-compose.yaml for the neo4j server:

x-neo4j-common: &neo4j-common
  image: neo4j:5.26.6
  restart: unless-stopped
  environment:
    NEO4J_AUTH: "neo4j/mysecretpassword"
    NEO4J_server_memory_heap_initial__size: "512m"
    NEO4J_server_memory_heap_max__size: "1g"
    NEO4J_PLUGINS: "[\"apoc\"]"
    NEO4J_dbms_security_procedures_unrestricted: "apoc.*"
    NEO4J_dbms_security_procedures_allowlist: "apoc.*"
    NEO4J_apoc_import_file_enabled: true
    NEO4J_apoc_export_file_enabled: true
    NEO4J_apoc_import_file_use__neo4j__config: true
  networks:
    - internal-net

services:
  sandbox:
    <<: *neo4j-common
    container_name: neo4j-sandbox
    environment:
      NEO4J_server_memory_heap_initial__size: "4g"
      NEO4J_server_memory_heap_max__size: "8g"
      NEO4J_server_memory_pagecache_size: "16g"
      NEO4J_dbms_security_procedures_unrestricted: "apoc.*"
      NEO4J_dbms_security_procedures_allowlist: "apoc.*"
      NEO4J_apoc_import_file_enabled: true
      NEO4J_apoc_export_file_enabled: true
      NEO4J_apoc_import_file_use__neo4j__config: true
    ports:
      - "172.16.5.74:7474:7474"   # HTTP
      - "172.16.5.74:7687:7687"   # Bolt
    volumes:
      - /volume1/docker/neo4j-stack/neo4j/sandbox/data:/data
      - /volume1/docker/neo4j-stack/neo4j/sandbox/import:/import
      - /volume1/docker/neo4j-stack/neo4j/sandbox/plugins:/plugins
      - /volume1/docker/neo4j-stack/neo4j/sandbox/backups:/backups
      - /volume1/docker/neo4j-stack/neo4j/sandbox/conf:/var/lib/neo4j/conf

networks:
  internal-net:
Posted by at No comments:
Subscribe to: Posts (Atom)