So I have a VPS that I use to host some things publicly. They are hosted under a domain with subdomains. However, there is one service that is on a different server. On the DNS provider I have for the domain, I've set up an A record for a dedicated subdomain pointed to the other server's IP. The VPS is able to reach that server and can do curl http://server.ip:port to get the contents of the service. I want to also cover it under TLS like what I do with my other subdomains.
Below is a diagram of what I want.
How would I set up Traefik to do this? My configuration is done via the command section in a Docker Compose file.
To proxy/forward requests to a different server, they can either be connected, like in a Docker Swarm.
Or you specify the external URL as the service target, but that needs to be done in a dynamic config file, loaded with providers.file in static config. Check the simple Traefik external example.
The servers are not connected via Docker Swarm and I don't plan on connecting them via Docker Swarm.
As for the 2nd option, I can just add these options to my command section

    - --providers.file.filename=/traefik-dynamic.yml
    - --providers.file.watch=true

and the config section

    configs:
      - traefik-dynamic.yml

and then copy-paste the sample dynamic config onto my server (of course replacing placeholder text along the way). Would I need to add more to the dynamic config to accommodate the rest of my VPS services running under Traefik?
You can probably simplify, usually no middlewares needed:

    http:
      routers:
        forward:
          rule: Host(`search.example.com`)
          service: forward
      services:
        forward:
          loadBalancer:
            servers:
              - url: https://www.ecosia.org

Current traefik-dynamic.yaml:

    http:
      routers:
        forward:
          rule: Host(`dedicated-sub.domain`)
          service: forward
      services:
        forward:
          loadBalancer:
            servers:
              - url: http://server-ip:port

Docker compose of Traefik:

    services:
      traefik:
        image: traefik:latest
        container_name: traefik
        configs:
          - traefik-dynamic.yml
        command:
          - --log.level=INFO
          - --api=true
          - --api.dashboard=true
          - --providers.docker=true
          - --providers.docker.network=traefik
          - --providers.docker.exposedbydefault=false
          - --providers.docker.endpoint=unix:///var/run/docker.sock
          - --providers.file.filename=/traefik-dynamic.yml
          - --providers.file.watch=true
          - --entrypoints.web.address=:80
          - --entrypoints.web.http.redirections.entrypoint.to=websecure
          - --entrypoints.web.http.redirections.entrypoint.scheme=websecure
          - --entrypoints.web.http.redirections.entrypoint.permanent=true
          - --entrypoints.websecure.address=:443
          - --entrypoints.websecure.http.tls.domains[0].main=domain
          - --entrypoints.websecure.http.tls.domains[0].sans=*.domain
          - --entrypoints.websecure.http.tls.certresolver=dynudns
          - --certificatesresolvers.dynudns.acme.email=email
          - --certificatesresolvers.dynudns.acme.storage=acme.json
          - --certificatesresolvers.dynudns.acme.dnschallenge=true
          - --certificatesresolvers.dynudns.acme.dnschallenge.provider=dynu
          - --certificatesresolvers.dynudns.acme.dnschallenge.resolvers[0]=1.1.1.1:53
          - --certificatesresolvers.dynudns.acme.dnschallenge.resolvers[1]=8.8.8.8:53
        ports:
          - "80:80"
          - "443:443"
          - "8080:8080"
        networks:
          - traefik
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
          - ./data/acme.json:/acme.json
          - /etc/localtime:/etc/localtime:ro
        environment:
          - DYNU_API_KEY=apikey
        labels:
          - traefik.enable=true
          - traefik.docker.network=traefik
          - traefik.http.routers.dashboard.entrypoints=websecure
          - traefik.http.routers.dashboard.rule=Host(`traefik.domain`)
          - traefik.http.routers.dashboard.service=api@internal
          - traefik.http.routers.dashboard.middlewares=auth
          - traefik.http.middlewares.auth.basicauth.users=user:pass
    networks:
      traefik:
        external: true
    configs:
      traefik-dynamic.yml:
        file: ./traefik-dynamic.yml

Trying to access the dedicated subdomain through HTTPS would result in this error, and going past the error would result in a 404.
Trying to curl the HTTP address could result in moved permanently
Disabled the DNS record I made on my provider so that the IP it points to is the VPS and not the internal server I have, and accessing https://dedicated-sub.domain through my Firefox browser works and displays the service.
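
The points this thread turns on, as an added example (not code from any poster or from the Traefik project): a Python check that flags a redirect scheme that is not a URL scheme, a cleartext hop from Traefik to the backend, and an A record that points past the proxy. The function names and the documentation-range IP addresses are assumptions made for illustration.

```python
from urllib.parse import urlsplit

def parse_flags(command):
    """Turn Traefik CLI items such as '--a.b=c' into a {'a.b': 'c'} dict."""
    flags = {}
    for item in command:
        key, _, value = item.lstrip("-").partition("=")
        flags[key.lower()] = value
    return flags

def review(command, backend_urls, a_record_ip, proxy_ip):
    """Return a list of findings for the setup discussed in this thread."""
    findings = []
    flags = parse_flags(command)
    # The redirection scheme is a URL scheme (http/https), not an entrypoint name.
    scheme = flags.get("entrypoints.web.http.redirections.entrypoint.scheme")
    if scheme is not None and scheme not in ("http", "https"):
        findings.append(f"redirect scheme '{scheme}' is not a URL scheme; use https")
    # TLS ends at Traefik: an http:// backend leaves the proxy-to-backend hop in cleartext.
    for url in backend_urls:
        parts = urlsplit(url)
        if parts.scheme != "https":
            findings.append(f"backend {parts.netloc} is reached over cleartext {parts.scheme}")
    # Clients must reach Traefik, so the subdomain's A record has to be the proxy address.
    if a_record_ip != proxy_ip:
        findings.append(f"A record {a_record_ip} bypasses the proxy at {proxy_ip}")
    return findings

# Constructed sample input (documentation IP ranges, not values from the thread).
COMMAND = [
    "--entrypoints.web.address=:80",
    "--entrypoints.web.http.redirections.entrypoint.to=websecure",
    "--entrypoints.web.http.redirections.entrypoint.scheme=websecure",
    "--entrypoints.websecure.address=:443",
]
BACKENDS = ["http://198.51.100.20:8080"]

if __name__ == "__main__":
    for finding in review(COMMAND, BACKENDS, "198.51.100.20", "203.0.113.10"):
        print("-", finding)
```

If the backend cannot serve HTTPS, keeping the hop on a private network or tunnel between the two servers and firewalling the backend port to the VPS address limits who can read or reach that traffic.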