To use this traefik, an admin user has created:

sudo apt-get install apache2-utils

Then generate the password with htpasswd. Substitute secure_password with the password you’d like to use for the Traefik admin user:

htpasswd -nb admin secure_password

The output from the program will look like this:

Output admin:$apr1$ruca84Hq$mbjdMZBAG.KWn7vfN/SNK/

You can replace the password hash in docker-compose.override.yml

Traefik Dockerized


Overview

This repository contains a template to deploy Traefik 2 using Docker Compose on a single machine running Docker.

Requirements

Installation

Clone the repository:

$ git clone https://github.com/cedrichopf/traefik-dockerized.git
Cloning into 'traefik-dockerized'...

Create a copy of the example configuration files:

# Traefik Configuration
$ cp config/traefik.example.yml config/traefik.yml
# Custom Docker Compose Configuration
$ cp override.example.yml docker-compose.override.yml

Traefik Dashboard

To disable the Traefik Dashboard, change the following configuration value to false:

api:
  dashboard: false

Entry Points

Per default, this Traefik deployment listens on port 80 (HTTP) and 443 (HTTPS). This can be changed by adapting the address field of the Entry Points:

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"

Docker Network

To let Traefik auto-discover the applications running as a Docker container on the machine, create a Docker network and add it to the configuration. In this example, the Docker network is called proxy.

  1. Create a Docker network:
$ docker network create proxy
ca0a9fe39b34b9f17d5c5e938e82ce67b4423e151ae5000eee7754e89116cac1
  1. Add the network to the configuration:
providers:
  docker:
    network: proxy

Let's Encrypt

To use the built-in Let's Encrypt support, add a Certificate Resolver to the configuration:

certificatesResolvers:
  letsencrypt:
    acme:
      email: admin@example.com
      storage: acme.json
      httpChallenge:
        entryPoint: http

acme.json

The file acme.json will be mounted inside the Traefik container and is used to store the certificates received from Let's Encrypt. Create this file and change the file permissions to 600:

$ touch letsencrypt/acme.json
$ chmod 600 letsencrypt/acme.json

Dashboard Routing

If the Traefik Dashboard is enabled, configure the router in the docker-compose.override.yml file to make the dashboard available:

labels:
  - traefik.http.routers.traefik-http.rule=Host(`traefik.example.com`)
  - traefik.http.routers.traefik-http.entrypoints=http
  - traefik.http.routers.traefik-http.middlewares=redirect
  - traefik.http.routers.traefik-https.rule=Host(`traefik.example.com`)
  - traefik.http.routers.traefik-https.entrypoints=https
  - traefik.http.routers.traefik-https.tls=true
  - traefik.http.routers.traefik-http.service=api@internal
  - traefik.http.routers.traefik-https.service=api@internal
  - traefik.http.middlewares.redirect.redirectscheme.scheme=https

Usage

Once the configuration is completed, download the Docker images and start the services using docker-compose:

$ docker-compose pull
$ docker-compose up -d

To stop the deployment, you can either run the stop or down command of docker-compose:

$ docker-compose stop
Stopping traefik_traefik_1 ... done
$ docker-compose down
Stopping traefik_traefik_1 ... done
Removing traefik_traefik_1 ... done

By using docker-compose down instead of docker-compose stop, the containers will be also removed.

Update Traefik

To update the Traefik instance, download the latest Docker images and recreate the services:

$ docker-compose pull
Pulling traefik ... done
$ docker-compose up -d
Recreating traefik_traefik_1 ... done

The command docker-compose pull will automatically fetch and download the latest version of Traefik available on Docker Hub. Finally, the command docker-compose up -d will recreate the running Traefik container with the latest version.

Resources