/tags/traefik/ Recent content in Traefik on contineroo.ch Hugo en-US Mon, 01 Jun 2026 19:13:47 +0000 /blog/2020/03/25/traefik-2.2--docker-global-entrypoint-configuration/ Wed, 25 Mar 2020 00:00:00 +0000 /blog/2020/03/25/traefik-2.2--docker-global-entrypoint-configuration/ <img alt="Header image" src="featured-image.png" /> <p><a href="https://user-images.githubusercontent.com/5674651/76004307-90636980-5f09-11ea-9338-b3055d8b20ee.png">Image Source</a></p> <h2 id="introduction">Introduction</h2> <p>With Traefik 2.2 it is now easier then ever to globally configure your entrypoints.</p> <p>We will show you how you can define a global redirect to <code>https</code> and how to set a default <code>certResolver</code>. So you don&rsquo;t have to set the <code>https</code> redirect in each docker-compose file.</p> <h2 id="prerequisites">Prerequisites</h2> <p>In order to follow along, you&rsquo;ll need to read <a href="https://blog.containeroo.ch/2019/09/24/2019-09-24_traefik-2.0-docker-an-advanced-guide/">the advanced Traefik guide</a> and the <a href="https://blog.containeroo.ch/2019/11/12/2019-11-12_traefik-2.0-wildcard-lets-encrypt-certificates/">wildcard guide</a> first!</p> <h2 id="update-traefik-configuration">Update Traefik Configuration</h2> <p>Change the entrypoints in the basic Traefik configuration file (<code>/opt/containers/traefik/data/traefik.yml</code>) as follows:</p> /blog/2020/01/02/traefik-2.0-route-external-services-through-traefik/ Thu, 02 Jan 2020 00:00:00 +0000 /blog/2020/01/02/traefik-2.0-route-external-services-through-traefik/ <img alt="Header image" src="featured-image.png" /> <p><a href="https://docs.traefik.io/assets/img/providers.png">Image Source</a></p> <h2 id="introduction">Introduction</h2> <p>In this tutorial we will show you how you can route non-Docker services through Traefik.</p> <p>Let&rsquo;s suppose you want to access your Pi-hole admin console (<a href="http://192.168.0.10:80/admin">http://192.168.0.10:80/admin</a>) by browsing to <code>pihole.example.com</code>.</p> <h2 id="prerequisites">Prerequisites</h2> <p>You have read our other articles:</p> <ul> <li><a href="https://blog.containeroo.ch/2019/09/24/2019-09-24_traefik-2.0-docker-a-simple-step-by-step-guide/">Traefik 2.0 + Docker: A Simple Step by Step Guide</a></li> <li><a href="https://blog.containeroo.ch/2019/09/24/2019-09-24_traefik-2.0-docker-an-advanced-guide/">Traefik 2.0 + Docker: An Advanced Guide</a></li> </ul> <p>and you use <a href="https://gist.github.com/containeroo-gists/866810758db56ea33a9c59390c18ea81">this Traefik configuration</a>.</p> <p>Make sure you configure in the providers section of your <code>/opt/traefik/data/traefik.yml</code> an external configuration file <code>/config.yml</code>.</p> /blog/2019/11/12/traefik-2.0-paranoid-about-mounting-/var/run/docker.sock/ Tue, 12 Nov 2019 00:00:00 +0000 /blog/2019/11/12/traefik-2.0-paranoid-about-mounting-/var/run/docker.sock/ <img alt="Header image" src="featured-image.png" /> <p><a href="https://www.docker.com">Image Source</a></p> <h2 id="the-problem">The Problem</h2> <p>If you have followed our previous guides, you mount the Docker Socket ( <code>/var/run/docker.sock</code>) into the Traefik container. If someone gets access into the Traefik container, they can gain full access to your host machine. This makes our paranoia level increase slightly&hellip;</p> <h2 id="the-solution">The Solution</h2> <p>We found a nice little container (<a href="https://github.com/Tecnativa/docker-socket-proxy">Socket-Proxy</a>) which &ldquo;filters&rdquo; all requests to the Docker API. We can allow only <code>get</code> requests to the Docker API and restrict it to <code>/containers/*</code>.</p> /blog/2019/11/12/traefik-2.0-wildcard-lets-encrypt-certificates/ Tue, 12 Nov 2019 00:00:00 +0000 /blog/2019/11/12/traefik-2.0-wildcard-lets-encrypt-certificates/ <img alt="Header image" src="featured-image.png" /> <p><a href="https://letsencrypt.org/images/le-logo-wide.png">Image Source</a></p> <h2 id="introduction">Introduction</h2> <p>In this tutorial we will setup Traefik to obtain wildcard certificates from Let&rsquo;s Encrypt. This requires DNS challenge to be setup. Usually Traefik obtains a certificate for every subdomain. We can simplify this process by telling Traefik to use a wildcard (*.example.com) certificate instead.</p> <h2 id="prerequisites">Prerequisites</h2> <ul> <li>Registered Domain</li> <li>Authoritative DNS Servers from one of <a href="https://docs.traefik.io/https/acme/#providers">these providers</a> (you may need to change your DNS servers of your domain to one of the provider in the list)</li> </ul> <p>In this tutorial we will use Cloudflare as our DNS servers for our domain.</p> /blog/2019/11/12/using-pi-hole-to-route-your-services-internally/ Tue, 12 Nov 2019 00:00:00 +0000 /blog/2019/11/12/using-pi-hole-to-route-your-services-internally/ <img alt="Header image" src="featured-image.png" /> <p><a href="https://www.taste-of-it.de/wp-content/uploads/2019/09/pihole-logo.png">Image Source</a></p> <h2 id="the-problem">The Problem</h2> <p>If you have followed our previous guides, chances are that you have a domain, some DNS records pointing to your public IP, port forwarding enabled and a Docker server running some services.</p> <p>Most likely your domain resolves to your public IP from you internal network as well. This causes a problem: All the traffic between your devices (e.g. your phone) to your server (physically in the same location) gets routed trough the internet, which means you have to utilize your upload and download bandwidth at the same time (e.g. while streaming from Plex), which not only causes a slower connection but also adds an unnecessary high latency.</p> /blog/2019/09/24/traefik-2.0--docker-a-simple-step-by-step-guide/ Tue, 24 Sep 2019 00:00:00 +0000 /blog/2019/09/24/traefik-2.0--docker-a-simple-step-by-step-guide/ <img alt="Header image" src="featured-image.png" /> <p><a href="https://docs.traefik.io/assets/img/traefik-architecture.png">Image Source</a></p> <h2 id="introduction">Introduction</h2> <p>In this tutorial we will go trough the following things:</p> <ol> <li>Setup and configure Traefik in a Docker container</li> <li>Let&rsquo;s Encrypt setup for automatic HTTPS certificates</li> <li>Deploy a simple service (Portainer) and expose it to the internet</li> </ol> <p>You will find all the required configuration files in our <a href="https://github.com/containeroo/traefik-simple">Git repository</a>.</p> <h2 id="prerequisites">Prerequisites</h2> <p>In order to follow along, you need these things:</p> <ul> <li>Docker (obviously)</li> <li>Docker Compose</li> <li>A domain</li> <li>Ports 80 and 443 forwarded to your Docker host</li> </ul> <h2 id="setup-and-configure-traefik-with-lets-encrypt">Setup and configure Traefik with Let&rsquo;s Encrypt</h2> <p>Let&rsquo;s get started by setting up Traefik.</p> /blog/2019/09/24/traefik-2.0--docker-an-advanced-guide/ Tue, 24 Sep 2019 00:00:00 +0000 /blog/2019/09/24/traefik-2.0--docker-an-advanced-guide/ <img alt="Header image" src="featured-image.png" /> <p><a href="https://docs.traefik.io/assets/img/routers.png">Image Source</a></p> <h2 id="introduction">Introduction</h2> <p>This tutorial is the second part of <a href="https://blog.containeroo.ch/2019/09/24/2019-09-24_traefik-2.0-docker-a-simple-step-by-step-guide/">this article</a>. We will go trough the following configurations:</p> <ol> <li>Add a file provider to <code>traefik.yml</code></li> <li>Create a config file for a central configuration for storing middlewares <code>config.yml</code>.</li> <li>Configure a middleware chain</li> </ol> <p>You will find all the required configuration files in our Git <a href="https://github.com/containeroo/traefik-advanced">repository</a>.</p> <h2 id="prerequisites">Prerequisites</h2> <p>In order to follow along, you&rsquo;ll need to read <a href="https://blog.containeroo.ch/2019/09/24/2019-09-24_traefik-2.0-docker-a-simple-step-by-step-guide/">this post</a>!</p> <h2 id="update-traefik-configuration">Update Traefik configuration</h2> <p>To setup a reusable middleware add an additional provider in the Traefik configuration file <code>traefik.yml</code> (<code>/opt/containers/traefik/traefik.yml</code>) (lines 15 and 16).</p>