I have been using LinuxServer.io's SWAG for years and it has served me very well, but it has its limitations and that is where I am at. So for years now Traefik has been on my radar, but time and not really a need have kept me away from diving into it. That time has come.
I will post my first try of a Traefik setup using docker.
So what is my goal? I have around a dozen subdomains for different services I host, and I want to get an SSL certificate from Cloudflare for those. I have read too many posts, watched quite a few YT videos. This is where I ended up.
```yaml
traefik:
  container_name: traefik
  image: traefik
  command:
    - --api=true
    - --api.dashboard=true
    - --entrypoints.web.address=:80
    - --entrypoints.websecure.address=:443
    # Attach the "cloudflare" resolver to routers on websecure; without this
    # nothing in the file references the resolver defined below.
    - --entrypoints.websecure.http.tls.certresolver=cloudflare
    - --entrypoints.websecure.http.tls.domains[0].main=$DOMAINNAME
    - --entrypoints.websecure.http.tls.domains[0].sans=*.$DOMAINNAME
    # ACME DNS-01 challenge through the Cloudflare API
    - --certificatesresolvers.cloudflare.acme.email=$CLOUDFLARE_EMAIL
    - --certificatesresolvers.cloudflare.acme.dnschallenge=true
    - --certificatesresolvers.cloudflare.acme.dnschallenge.delaybeforecheck=0
    - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare
    - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers[0]=1.1.1.1:53
    - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers[1]=8.8.8.8:53
    - --certificatesresolvers.cloudflare.acme.caServer=$TRAEFIK_ACME_CASERVER
    - --certificatesresolvers.cloudflare.acme.storage=/acme.json
    # Adds debug/profiling endpoints to the API
    - --api.debug=true
    - --log=true
    - --log.level=ERROR
    - --providers.docker=true
    # Only containers labelled traefik.enable=true are published
    - --providers.docker.exposedbydefault=false
    - --providers.docker.network=web
  restart: unless-stopped
  networks:
    - web
  ports:
    - '80:80'
    - '443:443'
  expose:
    - 8080
  labels:
    - traefik.enable=true
    # v2 label name; the v1-style traefik.network and traefik.port labels are
    # not part of the v2 label set, and api@internal needs no port.
    - traefik.docker.network=web
    # Serve the dashboard on the TLS entry point only, so the basic-auth
    # credentials are not sent over plain HTTP on :80.
    - traefik.http.routers.traefik.entrypoints=websecure
    - traefik.http.routers.traefik.service=api@internal
    - traefik.http.routers.traefik.rule=Host(`$TRAEFIK_DASHBOARD`)
    - traefik.http.routers.traefik.middlewares=traefik-auth
    - traefik.http.middlewares.traefik-auth.basicauth.users=$TRAEFIK_USER_PASS
  volumes:
    # :ro makes the socket file read-only; the Docker API behind it is still reachable
    - /var/run/docker.sock:/var/run/docker.sock:ro
    # Must already exist on the host as a file with mode 600
    - ./appdata/traefik/acme.json:/acme.json
  environment:
    - CLOUDFLARE_EMAIL=$CLOUDFLARE_EMAIL
    - CLOUDFLARE_API_KEY=$CLOUDFLARE_KEY
```
Be gentle. Don't scare me away.
Some more reading, so the docker-compose was rewritten completely.
Still need input!