# Gbanyan's Exposed Self-hosted Service Traefik Configuration

## Preface

Principle: 

* Low cost to maintain and interfere
* Privacy info hidden design
* Flexibility and Extensible

## Introduction

Traefik is an open-source Edge Router that makes publishing your services a fun experience. It provides powerful features like automatic HTTPS, load balancing, and more.

In this project, Traefik provides: 

* Automatic SSL/TLS certificates from Let's Encrypt when each new site is added through docker container label or dynamic.yml. (Cloudflare API)
* Docker Container Label Configuration (Docker Provider)
* Reverse Proxy with Dynamic Routing, and flexibility for manully add local service

## Configuration

### Overview

The configuration is split into several files:

- `docker-compose.yml`: Defines the services, networks, and volumes.
- `traefik.yml`: Main Traefik configuration file.
- `dynamic.yml`: Directory containing dynamic configuration for different services.
- `.env`: For DNS Challenge API, in thie project Cloudflare is adopted
- `dashboare_authfile`: For Traefik dashboard basic auth, use the command `htpasswd -nb user pass` to generate

Docker Container Label Example, please see other self-hosted docker-compose.yaml

P.S. dynamic.yml_bac is an example of adding non-docker proxy site. 

## Future To-do

* Already contain the cloudflarewarp traefik plugin to pass the real ip behind the Cloudflare CDN network, But still don't know to correctly apply it. 
* Crowdsec or fail2ban integration