New to Traefik, I am having a hard time to put together all the components needed to filter requests by IP address.
My main provider is docker, and for the sake of the example let's assume there are two containers: internalonly
and public
. Both expose port 80
and are accessible via Traefik (they have a label which matches the host).
I would like public
to also be reachable from Internet. To this, I will
- forward port
81
on my firewall so that it hits Traefik. - on Traefik, I will add a new
entryPoint
for port81
.
The idea is that traffic from Internet directed to public.example.com:81
will be caught and analyzed by Traefik which will check for "some information provided by the labels of the container" (1) and if present, allow the traffic to the service (2). Otherwise the traffic will be denied.
I do not know how to articulate the points (1) and (2).