Traefik on docker serving HTTP and HTTPS with Let's Encrypt certificates

riogezz/traefik-docker

Traefik on Docker

HTTP and HTTPS example with Let's Encrypt certificates obtained through the DNS-01 challenge on AWS Route53, plus an HTTP-to-HTTPS redirect

| Please check traefik 2.1 docs for more.

.env file variables

| Name | Example value | Description |
|---|---|---|
| - Global | | |
| TZ | Europe/Rome | container timezone |
| RESTART | unless-stopped | container restart policy |
| COMPOSE_PROJECT_NAME | traefik_router | project name used as prepend string |
| - Traefik specific | | |
| VERSION | latest | traefik version |
| LOG | INFO | traefik minimum logging |
| - ACME DNS-01 Challenge | | |
| PROVIDER | route53 | check provider list |
| RESOLVER | 1.1.1.1:53 | public DNS server to be used for acme TXT fields checks |
| EMAIL | xyz@domain.ltd | your email |
| - ACME AWS Route53 example | | |
| AWS_ACCESS_KEY_ID | ABCXYZ | IAM username |
| AWS_SECRET_ACCESS_KEY | 123890 | IAM secret |
| AWS_REGION | us-east-1 | AWS Route53 service is region independent |

| For AWS Route53 provider configuration, see the AWS docs on IAM credentials and the policy document example, or the Let's Encrypt Go client route53 provider docs.
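
One way to scope the IAM user whose keys go into `.env`, so that it can only write the ACME TXT record for the host used on this page. This policy is an added example, not a file from this repository. `HOSTED_ZONE_ID_PLACEHOLDER` stands for your own hosted zone ID, and the record name assumes the certificate is for `whoami.domain.tld`.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "PollChangeStatus",
      "Effect": "Allow",
      "Action": "route53:GetChange",
      "Resource": "arn:aws:route53:::change/*"
    },
    {
      "Sid": "FindHostedZone",
      "Effect": "Allow",
      "Action": "route53:ListHostedZonesByName",
      "Resource": "*"
    },
    {
      "Sid": "ReadRecordsInOneZone",
      "Effect": "Allow",
      "Action": "route53:ListResourceRecordSets",
      "Resource": "arn:aws:route53:::hostedzone/HOSTED_ZONE_ID_PLACEHOLDER"
    },
    {
      "Sid": "WriteOnlyAcmeChallengeTxt",
      "Effect": "Allow",
      "Action": "route53:ChangeResourceRecordSets",
      "Resource": "arn:aws:route53:::hostedzone/HOSTED_ZONE_ID_PLACEHOLDER",
      "Condition": {
        "ForAllValues:StringEquals": {
          "route53:ChangeResourceRecordSetsNormalizedRecordNames": [
            "_acme-challenge.whoami.domain.tld"
          ],
          "route53:ChangeResourceRecordSetsRecordTypes": ["TXT"]
        }
      }
    }
  ]
}
```

With the condition block in place, a leaked key pair can create or delete only the listed `_acme-challenge` TXT record and cannot repoint A, CNAME or MX records in the zone. Add one record name per hostname that Traefik requests a certificate for.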

docker-compose explanation

docker-compose.yml contains a whoami test instance with HTTP-to-HTTPS redirect features

    labels:
      - "traefik.enable=true"
      # default route
      - "traefik.http.routers.whoami.rule=Host(`whoami.domain.tld`)"
      - "traefik.http.routers.whoami.entrypoints=https"
      - "traefik.http.routers.whoami.tls.certresolver=${PROVIDER}"
      # HTTP to HTTPS
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.routers.whoami-redirs.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.whoami-redirs.entrypoints=http"
      - "traefik.http.routers.whoami-redirs.middlewares=redirect-to-https"

sections explanation:

  • enable traefik configuration on this container
      - "traefik.enable=true"
  • configure router to serve "whoami.domain.tld" FQDN over https entrypoint and generate SSL certificate using the provider defined inside .env (e.g. route53)
      - "traefik.http.routers.whoami.rule=Host(`whoami.domain.tld`)"
      - "traefik.http.routers.whoami.entrypoints=https"
      - "traefik.http.routers.whoami.tls.certresolver=${PROVIDER}"
  • configure http-to-https redirect scheme
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
  • apply redirect scheme to every request directed to host over http
      - "traefik.http.routers.whoami-redirs.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.whoami-redirs.entrypoints=http"
      - "traefik.http.routers.whoami-redirs.middlewares=redirect-to-https"

The Traefik dashboard runs on the exposed TCP/8080 port and should look like this

traefik dashboard image