Traefik

The examples can be executed locally which allows simple adjustment to your own needs. Technologies used are only docker and docker-compose. For the purpose of simpler declaration I will not make use of configuration files, but only use docker labels. Let’s get started with the deeper settings Traefik provides and then get into the general log and the access log. Settings for both logs There are different settings both logs share. Getting to know them is crucial when investigating problems with your settings. You might want to adjust them temporarily for debugging purposes. ...

In this article I will show you how to use redirects to an external domain in Traefik. The example can be executed locally which allows simple adjustment to your own needs. Technologies used are only docker and docker-compose. For the purpose of simpler declaration I will not make use of configuration files, but only use docker labels. Traefik configuration A minimalistic configuration of Traefik can be seen in the code block below. Only port 80 is exposed end assigned to the web entrypoint. All incoming traffic is now routed through this specific entrypoint. ...

In the dashboard here you can see all your entrypoints (ports Traefik listens to), routers (connects requests to services), services (define how to reach your actual services) and middlewares (tweak your services eg. adding authentication) Traefik configuration The configuration of the dashboard is on the Traefik container itself. No further containers are needed. Apart from the usual configuration the dashboard in the commands section has to be allowed. The other configuration is as usual in the labels section of the Traefik container. There Traefik has to be enabled to allow listening to entrypoints. The entrypoint is the default HTTP port and we define the host. To access the dashboard locally we set it to traefik.localhost. Our service can be reached calling that URL. To link the dashboard to the previously defined host name, the service has to be set to api@internal. This is a Traefik specific service which represents the API and the dashboard. ...

In this article I will show you how to secure a service in Traefik reverse proxy using basic authentication. You could use the authentication for example to secure your Traefik dashboard. The example can be executed locally which allows simple adjustment to your own needs. Technologies used are only docker and docker-compose. For the purpose of simpler declaration I will not make use of configuration files, but only use docker labels. ...

Sometimes it is not possible or just too much effort to make the Traefik configuration work locally. Testing on a production environment can be dangerous thus should not be an option. In these cases testing small parts of the configuration is essential. Regular expressions are one example where you can save a lot of time when testing outside of traefik. The Reverse Proxy Traefik is written in Go. That is why Traefik uses the regex implementation of Go. Be aware that Go also introduces a slightly different syntax for its regular expressions. ...

Setting up SSL-Encryption with Traefik is incredibly easy due to the included ACME resolver. There is no reason not to use it, as search engines usually rank pages without HTTPS lower than pages which implement the protocol. Also security of yourself and your users should always be a critical concern. No redirect to HTTPS may cause users to use your unencrypted site thus exposing them to a great number of potential vulnerabilities by sending their private data unencrypted across the internet. Even your SEO rank might suffer due to search engines thinking that your content is duplicated as it is served under two different urls - HTTP and HTTPS. Same applies to www redirects which will be handled in another article. Save yourself the trouble and enforce HTTPS. Here is how to. ...