Self Hosting Log - 004 - Traefik
January 15, 2022
You tell me how to pronounce this, lol
So one thing you might find in your initial self hosting journey, is how you’ve got all these port numbers to keep in mind for tools. It’s perfectly fine, I mean you can just keep a post it or something where you start at a random high port number like 23456, then just increment as you deploy more things. It works, but I think it just gets kind of ugly after a while. Not to mention if you’re using say tool A that has examples of how to use tool B, you may end up finding issues and waste time troubleshooting only to realise “oh, I forgot the port number”.
Enter reverse proxies! I think if you’ve been around the block with web servers, you know what these are. In short I think an easy way of describing it is like a door man in front of a hotel, only the doorman knows who is staying in every room number. You just tell him who you want to see and he directs you to that room as you enter. You’re going through the same door every time, all you see is the door. But once you ask the doorman, they send you to where you need to go.
There’s plenty of reverse proxies out there, Nginx is one you may hear of a lot and it probably has the most tutorials on reverse proxies out there. However, I went with Traefik. Again, I learned of its existence via the Self Hosted Podcast when they had a special guest on, known as TheOrangeOne along with some folks from Traefik. They explained a lot of what goes on with it and how TheOrangeOne knows it almost inside and out. Fortunately, they maintain an excellent blog with a Hello World post for Traefik. I highly recommend checking it out and if you find it useful giving him a tip as it’s well deserved. But, once you get Traefik up and running, you can start to proxy your Docker containers.
version: "2.3"
services:
traefik:
image: traefik:v2.4
network_mode: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /tmp/traefik-logs:/var/log/traefik
- ./traefik:/etc/traefik
restart: unless-stopped
In my set up, I don’t rely on LetsEncrypt for certs as I keep my environment as firewalled off as I can be, old age mindset I know. So, I just pass in a certificate for my domain names, then tell Traefik to use that certificate when I label a container. Which all I need to do to get a container proxied and terminated with TLS, is these three labels.
labels:
- traefik.enable=true
- traefik.http.routers.yourRouterName.rule=Host(`example.com`)
- traefik.http.routers.yourRouterName.tls=true
Honestly this is one of my favourite pieces of software. It’s a great example of it just works and save for Gitlab, I have everything being proxied through it. It makes management of apps just that bit easier when all you need to do is remember sub domain names.
Thank you!
You could of consumed content on any website, but you went ahead and consumed my content, so I'm very grateful! If you liked this, then you might like this other piece of content I worked on.
Self Hosting Log 003 - WikiJSPhotographer
I've no real claim to fame when it comes to good photos, so it's why the header photo for this post was shot by Marc-Olivier Jodoin . You can find some more photos from them on Unsplash. Unsplash is a great place to source photos for your website, presentation and more! But it wouldn't be anything without the photographers who put in the work.
Find Them On UnsplashSupport what I do
I write for the love and passion I have for technology. Just reading and sharing my articles is more than enough. But if you want to offer more direct support, then you can support the running costs of my website by donating via Stripe. Only do so if you feel I have truly delivered value, but as I said, your readership is more than enough already. Thank you :)
Support My Work