This repository provides a simple example on how to use Trafik as a reverse proxy for Docker services, securing your services with SSL certificates from Let's Encrypt. In this setup, we run two instances of a simple "Hello, World!" GoLang web server, each bound to a different subdomain.
Ensure that you have Docker and Docker Compose installed on your machine. You also need a registered domain name, as we'll be issuing SSL certificates for specific subdomains.
-
Clone the repository:
git clone https://github.com/sekulicd/hw-go-server.git
-
Modify the
docker-compose.yml
file:- Replace
dusan.sekulic.mne@gmail.com
with your email address - Replace
hw1.dusansekulic.me
andhw2.dusansekulic.me
with your desired subdomains
- Replace
-
Run Docker Compose:
docker-compose up -d
-
Start new service(Optional):
docker run -d \ --network=web \ --name=hw3 \ -p 8083:8080 \ --label "traefik.enable=true" \ --label 'traefik.http.routers.hw3.rule=Host(`hw3.dusansekulic.me`)' \ --label "traefik.http.routers.hw3.entrypoints=websecure" \ --label "traefik.http.routers.hw3.tls.certresolver=myresolver" \ {WEB_IMAGE}
After the Docker Compose setup has finished, you can access your services through your specified subdomains, they should be served over HTTPS, thanks to the Let's Encrypt certificates issued by Trafik.
The traefik
service is our entrypoint and routes incoming requests to the appropriate service based on the request's Host header.
It's configured to automatically generate Let's Encrypt SSL certificates for our specified subdomains. The generated certificates are stored in the ./letsencrypt/acme.json
file.
The hw1
and hw2
services are simple "Hello, World!" GoLang web servers. They're each built from the Dockerfile included in the repository and are assigned a unique subdomain through Docker Compose labels.
Remember, the Let's Encrypt CA server used here is the staging server. For production, you should use the production server https://acme-v02.api.letsencrypt.org/directory
.
Also, note that the external network 'web' is required to be pre-created before running the docker-compose up -d
command. If it doesn't exist, create it with docker network create web
.