Route tunneled port from host through traefik docker container?

kasper · May 22, 2022, 8:52pm

I have two servers:

home server running in my home network which is connected to the internet through double NAT
vps with fixed IPv4 address

On the vps, I have three docker containers running:

caddy web server
portainer
traefik

I was able to route caddy and portainer through subdomains via labels in my docker-compose file:

version: "3.7"

services:
  traefik:
    container_name: traefik
    image: traefik:latest
    networks:
      - proxy # Change if you're using another network
    ports:
      - "80:80"
      - "443:443"
      - "8001:8001"
      - "8002:8002"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ${HOME}/docker/data/traefik/traefik.yml:/traefik.yml:ro
      - ${HOME}/docker/data/traefik/config:/config
      - ${HOME}/docker/data/traefik/letsencrypt/acme.json:/acme.json
      - /var/run/docker.sock:/var/run/docker.sock:ro
    command: --providers.docker
    restart: unless-stopped
  caddy:
    image: caddy:latest
    container_name: caddy
    restart: unless-stopped
    networks:
      - proxy
    volumes:
      - ${HOME}/docker/data/caddy/Caddyfile:/etc/caddy/Caddyfile
      - ${HOME}/docker/data/caddy/site:/srv
      - ${HOME}/docker/data/caddy/data:/data
      - ${HOME}/docker/data/caddy/config:/config
    labels:
      - "traefik.http.routers.caddy-secure.entrypoints=web_secure"
      - "traefik.http.routers.caddy-secure.rule=Host(`vps.mydomain.com`)"
      - "traefik.http.routers.caddy-secure.service=caddy"
      - "traefik.http.services.caddy.loadbalancer.server.port=80"
  portainer:
    image: portainer/portainer-ce
    container_name: portainer
    networks:
      - proxy
    command: -H unix:///var/run/docker.sock --http-enabled
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ${HOME}/docker/data/portainer:/data
    labels:
      - "traefik.http.routers.portainer-secure.entrypoints=web_secure"
      - "traefik.http.routers.portainer-secure.rule=Host(`portainer.mydomain.com`)"
      - "traefik.http.routers.portainer-secure.service=portainer"
      - "traefik.http.services.portainer.loadbalancer.server.port=9000"
    restart: unless-stopped

networks:
  # proxy is the network used for traefik reverse proxy
  proxy:
    external: true

On my home server, I run plex on port 32400. I tunneled this to the vps via an ssh tunnel:

ssh -f -N -T -R 8001:localhost:32400 myuser@vps.mydomain.com

I can access this when ssh'd into the vps via curl: curl localhost:8001 | grep -iPo '(?<=<title>)(.*)(?=</title>)'

How can I now expose this to with Traefik through the subdomain plex.mydomain.com?

I already tried adding the following to my traefik config file, but it did not work:

http:
  routers:
    plex-secure:
      entrypoints: web_secure
      rule: Host(`plex.mydomain.com`)
      service: plex
  services:
    plex:
      loadbalancer:
        server:
          port: 8001

Topic		Replies	Views
Routing to subdir instead of subdomain Traefik v2 (latest) docker	0	1773	April 15, 2020
Port forwarding with docker and ssl apps Traefik v2 (latest) docker	5	2957	November 17, 2021
Routing/Forwarding into LAN (Docker compose, Portforwarding) Traefik v2 (latest) docker	3	2754	October 13, 2022
Frequent 502 errors - Using caddy on VPS to reverse proxy to home server (docker services) behind CGNAT (with "logical ports") - Traefik 2.3 Traefik v2 (latest) docker	1	1451	December 7, 2020
Reverse proxy redirect subdomain to a local IP on LAN Traefik v2 (latest) docker	1	4856	January 1, 2021

Route tunneled port from host through traefik docker container?

Related Topics