Skip to content
/ traefik Public

Traefik HTTP reverse proxy base configuration with SSL certificate support.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ealcantara22/traefik

BranchesTags

Repository files navigation

Description

Traefik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with with multiples infrastructure components (Docker, Kubernetes, ...) and configures itself automatically and dynamically.

This project focuses on the steps needed to setup a local Traefik environment.

Note: This guide asumes that you already have Docker and Docker Compose installed on your system.

Getting and running traefik

  1. Add all the domains you need to your /etc/hosts file.

    127.0.0.1   localhost.traefik.com
127.0.0.1   localhost.site.com

  2. Create an external Docker network, it will be used to connect traefik to other services.

    docker network create docker_default

  3. Clone this repository

    git clone https://github.com/ealcantara22/traefik.git
cd traefik

  4. Copy the .env.sample file as .env and fill it with the information you used in steps 1 and 2.

    cp .env.sample .env

  5. Start traefik and verify that http://localhost.traefik.com/dashboard/ works. The final / is mandatory.

    docker-compose up -d

Generating an SSL certificate

I like to run all my apps locally using HTTPS for multiple reasons, and the easiest way for me to accomplish that is supporting all the apps and services domain that I need in a single certificate by using a Multi-Domain (SAN) Certificate.

  1. Edit the openssl.conf.

    1.1. Replace the distinguished name (dn) section with your informacion. You can read more about these values here.

    [dn]
C=Country
ST=State or Province name
L=Locality name
CN=Common Name
O=Organization name
OU=Organizational Unit name
emailAddress=Email address

    1.2. Add all the domain names you need in the alt_names section.

    [alt_names]
DNS.1=localhost.traefik.com
DNS.2=localhost.site.com
DNS.3=my-domain.com
.
.
.

  2. Generate the certificate by executing the generate-ssl.sh script located in the scripts directory. You will notice that a cert.crt and cert.key files were created.

    cd scripts && ./generate-ssl.sh

Adding SSL Certificates to traefik

Now that you bought or generate a certificate, add it to traefik is really easy.

  1. Place your certificate files (generally a .crt and a .key files) inside the certs directory.

  2. Rename the tlsOptions.toml.sample file place in the dynamic directory to tlsOptions.toml.

    mv tlsOptions.toml.sample tlsOptions.toml

  3. Edit the tlsOptions.toml file content with your certificate file information using the configuration that best suits your needs. Read more here

Testing

  1. Create this docker-composer.yml file and run docker-compose up. 
    version: "3.3"

networks:
docker_default:
    external: true

services:
nginx:
    image: nginx:latest
    networks:
    - docker_default
    labels:
    - traefik.enable=true
    - traefik.docker.network=docker_default
    - traefik.http.routers.nginx.entryPoints=https
    - traefik.http.routers.nginx.rule=Host(`localhost.nginx.com`)
    - traefik.http.routers.nginx.tls=true
  2. Open your favorite web browser and go to localhost.nginx.com.

Contributions

There's always room for improvements, please submit a issue or a pull request if you have the time.

About

Traefik HTTP reverse proxy base configuration with SSL certificate support.

Topics

docker ssl containers traefik ssl-certificates

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages