I have two servers:
-
home server
running in my home network which is connected to the internet through double NAT -
vps
with fixed IPv4 address
On the vps
, I have three docker containers running:
- caddy web server
- portainer
- traefik
I was able to route caddy and portainer through subdomains via labels in my docker-compose
file:
version: "3.7"
services:
traefik:
container_name: traefik
image: traefik:latest
networks:
- proxy # Change if you're using another network
ports:
- "80:80"
- "443:443"
- "8001:8001"
- "8002:8002"
volumes:
- /etc/localtime:/etc/localtime:ro
- ${HOME}/docker/data/traefik/traefik.yml:/traefik.yml:ro
- ${HOME}/docker/data/traefik/config:/config
- ${HOME}/docker/data/traefik/letsencrypt/acme.json:/acme.json
- /var/run/docker.sock:/var/run/docker.sock:ro
command: --providers.docker
restart: unless-stopped
caddy:
image: caddy:latest
container_name: caddy
restart: unless-stopped
networks:
- proxy
volumes:
- ${HOME}/docker/data/caddy/Caddyfile:/etc/caddy/Caddyfile
- ${HOME}/docker/data/caddy/site:/srv
- ${HOME}/docker/data/caddy/data:/data
- ${HOME}/docker/data/caddy/config:/config
labels:
- "traefik.http.routers.caddy-secure.entrypoints=web_secure"
- "traefik.http.routers.caddy-secure.rule=Host(`vps.mydomain.com`)"
- "traefik.http.routers.caddy-secure.service=caddy"
- "traefik.http.services.caddy.loadbalancer.server.port=80"
portainer:
image: portainer/portainer-ce
container_name: portainer
networks:
- proxy
command: -H unix:///var/run/docker.sock --http-enabled
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${HOME}/docker/data/portainer:/data
labels:
- "traefik.http.routers.portainer-secure.entrypoints=web_secure"
- "traefik.http.routers.portainer-secure.rule=Host(`portainer.mydomain.com`)"
- "traefik.http.routers.portainer-secure.service=portainer"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
restart: unless-stopped
networks:
# proxy is the network used for traefik reverse proxy
proxy:
external: true
On my home server
, I run plex on port 32400. I tunneled this to the vps
via an ssh tunnel:
ssh -f -N -T -R 8001:localhost:32400 myuser@vps.mydomain.com
I can access this when ssh'd into the vps via curl: curl localhost:8001 | grep -iPo '(?<=<title>)(.*)(?=</title>)'
How can I now expose this to with Traefik through the subdomain plex.mydomain.com
?
I already tried adding the following to my traefik config file, but it did not work:
http:
routers:
plex-secure:
entrypoints: web_secure
rule: Host(`plex.mydomain.com`)
service: plex
services:
plex:
loadbalancer:
server:
port: 8001