42 lines
1.4 KiB
Markdown
42 lines
1.4 KiB
Markdown
# Gbanyan's Exposed Self-hosted Service Traefik Configuration
|
|
|
|
## Preface
|
|
|
|
Principle:
|
|
|
|
* Low cost to maintain and interfere
|
|
* Privacy info hidden design
|
|
* Flexibility and Extensible
|
|
|
|
## Introduction
|
|
|
|
Traefik is an open-source Edge Router that makes publishing your services a fun experience. It provides powerful features like automatic HTTPS, load balancing, and more.
|
|
|
|
In this project, Traefik provides:
|
|
|
|
* Automatic SSL/TLS certificates from Let's Encrypt when each new site is added through docker container label or dynamic.yml. (Cloudflare API)
|
|
* Docker Container Label Configuration (Docker Provider)
|
|
* Reverse Proxy with Dynamic Routing, and flexibility for manully add local service
|
|
|
|
## Configuration
|
|
|
|
### Overview
|
|
|
|
The configuration is split into several files:
|
|
|
|
- `docker-compose.yml`: Defines the services, networks, and volumes.
|
|
- `traefik.yml`: Main Traefik configuration file.
|
|
- `dynamic.yml`: Directory containing dynamic configuration for different services.
|
|
- `.env`: For DNS Challenge API, in thie project Cloudflare is adopted
|
|
- `dashboare_authfile`: For Traefik dashboard basic auth, use the command `htpasswd -nb user pass` to generate
|
|
|
|
Docker Container Label Example, please see other self-hosted docker-compose.yaml
|
|
|
|
## Future To-do
|
|
|
|
* Already contain the cloudflarewarp traefik plugin to pass the real ip behind the Cloudflare CDN network, But still don't know to correctly apply it.
|
|
* Crowdsec or fail2ban integration
|
|
|
|
|
|
|