Skip to content

lbarbaglia/traefik2-config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

docker-compose.yml

docker-compose.yml

 
 

traefik.toml

traefik.toml

 
 

Repository files navigation

Traefik v2.3.2 configuration

This is the docker compose and configuration for an instance of Traefik v2.3.2

You can find a quick draft for v1.7 configuration on an older commit

Features

  • HTTP redirect to HTTPS
  • Let's Encrypt auto-generated certificates via HTTP challenge

Be careful as the Traefik dashboard is configured as insecure. You can comment line 20 of traefic.toml to prevent this behavior

Installation

  1. Clone the repository
  2. Uncomment and replace <mail> in traefik.toml by your email for Let's Encrypt
  3. Create an empty "acme.json" file at the base of this folder. Then set the correct permissions.
    touch acme.json & chmod 600 acme.json

Let's Encrypt is requiring an acme.json file to store certificates. Click here to know more

  1. Add these labels to your docker compose service and Traefik will automatically add them.
    Don't forget to replace:
    • <domain name> by the domain name of the service
    • <service> by your service name
    • <port> by the service's port you want Traefik to redirect to (optional)
...
<service>:
  ...
  labels:
    - traefik.http.routers.<service>.rule=Host("<domain name>")
    - traefik.http.services.<service>.loadbalancer.server.port=<port>
    - traefik.http.routers.<service>.tls=true
    - traefik.http.routers.<service>.tls.certresolver=letsencrypt
    - traefik.http.routers.<service>.entrypoints=web-secure
    - traefik.enable=true
...

Required labels:

Redirect incoming requests to <domain name>. Details on Traefik rules here

traefik.http.routers.<service>.rule=Host("<domain name>")

Enable tls on the service:

traefik.http.routers.<service>.tls=true

Use certresolver letsencrypt configured in traefik.toml:

traefik.http.routers.<service>.tls.certresolver=letsencrypt

Accept requests from web-secure entrypoint only:

traefik.http.routers.<service>.entrypoints=web-secure

More info here:

traefik.enable=true

Optional labels:

Redirect incoming traffic to port <port> of the service:

traefik.http.services.<service>.loadbalancer.server.port=<port>

  1. Create an docker network with this command:
    docker network create web

  2. Add this at the end of your docker-compose file (you have to add it for every different docker-compose file)

...
networks:
  web:
    external: true
  1. Add the service to the network:
...
<service>:
  ...
  networks:
    web:
...

The network web enable traefik instance to communicate with other services from different docker-composes

  1. Once everything is done, launch the traefik instance from traefik-config folder.
    docker-compose up

Congratulation, you can now access the Traefik dashboard on port 8080 of your server/PC!

If you have any questions or suggestions, please open an issue or a pull request.

About

Traefik v2.3.2 Configuration

lbarbaglia.github.io/traefik2-config/

Topics

configuration traefik

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository