To use this traefik, an admin user has created:
sudo apt-get install apache2-utils
Then generate the password with htpasswd. Substitute secure_password with the password you’d like to use for the Traefik admin user:
htpasswd -nb admin secure_password
The output from the program will look like this:
Output admin:$apr1$ruca84Hq$mbjdMZBAG.KWn7vfN/SNK/
You can replace the password hash in docker-compose.override.yml
This repository contains a template to deploy Traefik 2 using Docker Compose on a single machine running Docker.
- Docker
- Docker Compose
- Git
- Text editor of your choice (e.g. Vim)
Clone the repository:
$ git clone https://github.com/cedrichopf/traefik-dockerized.git
Cloning into 'traefik-dockerized'...
Create a copy of the example configuration files:
# Traefik Configuration
$ cp config/traefik.example.yml config/traefik.yml
# Custom Docker Compose Configuration
$ cp override.example.yml docker-compose.override.yml
To disable the Traefik Dashboard, change the following configuration value to false
:
api:
dashboard: false
Per default, this Traefik deployment listens on port 80
(HTTP) and 443
(HTTPS). This can be changed by adapting the address
field of the Entry Points:
entryPoints:
http:
address: ":80"
https:
address: ":443"
To let Traefik auto-discover the applications running as a Docker container on the machine, create a Docker network and add it to the configuration. In this example, the Docker network is called proxy
.
- Create a Docker network:
$ docker network create proxy
ca0a9fe39b34b9f17d5c5e938e82ce67b4423e151ae5000eee7754e89116cac1
- Add the network to the configuration:
providers:
docker:
network: proxy
To use the built-in Let's Encrypt support, add a Certificate Resolver to the configuration:
certificatesResolvers:
letsencrypt:
acme:
email: admin@example.com
storage: acme.json
httpChallenge:
entryPoint: http
The file acme.json
will be mounted inside the Traefik container and is used to store the certificates received from Let's Encrypt. Create this file and change the file permissions to 600
:
$ touch letsencrypt/acme.json
$ chmod 600 letsencrypt/acme.json
If the Traefik Dashboard is enabled, configure the router in the docker-compose.override.yml
file to make the dashboard available:
labels:
- traefik.http.routers.traefik-http.rule=Host(`traefik.example.com`)
- traefik.http.routers.traefik-http.entrypoints=http
- traefik.http.routers.traefik-http.middlewares=redirect
- traefik.http.routers.traefik-https.rule=Host(`traefik.example.com`)
- traefik.http.routers.traefik-https.entrypoints=https
- traefik.http.routers.traefik-https.tls=true
- traefik.http.routers.traefik-http.service=api@internal
- traefik.http.routers.traefik-https.service=api@internal
- traefik.http.middlewares.redirect.redirectscheme.scheme=https
Once the configuration is completed, download the Docker images and start the services using docker-compose:
$ docker-compose pull
$ docker-compose up -d
To stop the deployment, you can either run the stop
or down
command of docker-compose:
$ docker-compose stop
Stopping traefik_traefik_1 ... done
$ docker-compose down
Stopping traefik_traefik_1 ... done
Removing traefik_traefik_1 ... done
By using docker-compose down
instead of docker-compose stop
, the containers will be also removed.
To update the Traefik instance, download the latest Docker images and recreate the services:
$ docker-compose pull
Pulling traefik ... done
$ docker-compose up -d
Recreating traefik_traefik_1 ... done
The command docker-compose pull
will automatically fetch and download the latest version of Traefik available on Docker Hub. Finally, the command docker-compose up -d
will recreate the running Traefik container with the latest version.