DEV Community

Cover image for Traefik with docker compose
victor_dalet
victor_dalet

Posted on

Traefik with docker compose

#docker #traefik

In this short post, I show how to use the traefik image in docker compose to publish your site with your domain name and generate an ssl certificate.

I - Create the traefik.toml file

  • Create the traefik.tom file
  • Copy the following code into it
  • Add your email address at the end of the file 
[api] dashboard = true insecure = true [entryPoints] [entryPoints.web] address = ":80" [entryPoints.web.http] [entryPoints.web.http.redirections] [entryPoints.web.http.redirections.entryPoint] to = "websecure" scheme = "https" permanent = true [entryPoints.websecure] address = ":443" [entryPoints.websecure.http.tls] certResolver = "default" [providers] [providers.docker] watch = true exposedByDefault = false network = "web" [certificatesResolvers] [certificatesResolvers.default] [certificatesResolvers.default.acme] email = "" storage = "acme.json" caServer = "https://acme-v02.api.letsencrypt.org/directory" [certificatesResolvers.default.acme.tlsChallenge]
Enter fullscreen mode Exit fullscreen mode

II - Create the acme.json file

This file is used to store https certificates.
You must assign the correct right as in the following example.

touch acme.json chmod 600 acme.json
Enter fullscreen mode Exit fullscreen mode

III - Create network

  • Type the following command in your terminal 
docker network create web
Enter fullscreen mode Exit fullscreen mode
  • Add this code to the end of your docker-compose file 
networks: web: external: true
Enter fullscreen mode Exit fullscreen mode

IV - Traefik docker image

Here's the docker-compose block to call traefik, share the http and https ports and the many configuration files.
D'ont fortget to add the network we've just created inside.
Port 8080 is the traefik interface, so you don't have to add it.
The different labels are used to accept www subdomains.

 reverse-proxy: image: traefik:v2.4 container_name: traefik ports: - "80:80" - "8080:8080" - "443:443" volumes: - /var/run/docker.sock:/var/run/docker.sock - traefik.toml:/etc/traefik/traefik.toml - acme.json:/acme.json labels: - "traefik.http.middlewares.strip-www.redirectregex.regex=^https?://(www\\.)(.+)" - "traefik.http.middlewares.strip-www.redirectregex.replacement=https://$${2}" - "traefik.http.middlewares.strip-www.redirectregex.permanent=true" restart: always networks: - web
Enter fullscreen mode Exit fullscreen mode

V - Configure traefik for your docker compose service

In your other block, you need to add the network and the various labels.
The first label is to activate traefik, the second to add your domain or sub-domain (don't forget to change the name of your router --> in this example it's api and front), the last is to redirect to https.

 api: build: api/ labels: - "traefik.enable=true" - "traefik.http.routers.api.rule=Host(`api.monsite.fr`)" - "traefik.http.routers.api.entrypoints=websecure" networks: - web restart: always front: build: context: front/ dockerfile: Dockerfile.prod labels: - "traefik.enable=true" - "traefik.http.routers.front.rule=Host(`monsite.fr`)" - "traefik.http.routers.front.entrypoints=websecure" networks: - web
Enter fullscreen mode Exit fullscreen mode

Top comments (0)