In this blog we will create a docker-compose file to setup a Traefik Server with Letsencrypt for Dockers to use as a Reverse Proxy.
To use this docker-compose file you will need to have an server with docker and docker-compose installed.
version: '3'
services:
traefik:
image: traefik:2.4
command:
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.network=proxy"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencryptresolver.acme.httpchallenge=true"
- "--certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencryptresolver.acme.email=info@email.com"
- "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--api.dashboard=true"
ports:
- 80:80
- 443:443
volumes:
- traefik-certificates:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- proxy
container_name: traefik2
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`<linkeddomain>`)"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls.certresolver=letsencryptresolver"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.middlewares.traefik-auth.basicauth.users=<basic_auth_user_and_password>"
volumes:
traefik-certificates:
networks:
proxy:
external: true
To get this working you should change the parts <localdomain> and <basic_auth_user_and_password> with your corresponding needs.
To create a basic auth user and password you can use the following command and choose your user and password.
echo $(htpasswd -nb <user> <password>) | sed -e s/\\$/\\$\\$/g
No Comment