Routing traffic using virtual machines

Hi,

I am new to Traefik and I am hoping there will be no hate if I understand how it works in a completely wrong way. Basically I have a homelab server with FreeBSD installed on a Dell R430 machine. On this machine I use bhyve, where I have created 4 virtual machines. I bought a domain and configured it with the Cloudflare proxy. I have some services running across all virtual machines, i.e. TeamSpeak, some Steam game dedicated servers etc. My idea was that I will install Traefik on FreeBSD and use proxy/reverse proxy to access services from outside my local network.
for example:
Internet -> router with firewall ports exposed 443 + 80 <-> FreeBSD server with Traefik and tcp services <-> to access VM on local addresses
so when I access nextcloud.myprivatedomain.com it will access my VM 192.168.0.3:443 where I am hosting Nextcloud on Linux
when I access plex.myprivatedomain.com it will access my VM 192.168.0.4:443 where I am hosting a Plex server on Linux
when I connect using the TeamSpeak client to ts3.myprivatedomain.com I will be able to access my TeamSpeak server on, for example, a Windows Server VM.

All issues started when I tried to install Traefik using pkg install traefik or making from ports on FreeBSD, and unfortunately FreeBSD doesn't support Docker, so there is no possibility for a dashboard via website, and I am not even sure if the port install is working at all. Then I decided to install on the Ubuntu VM where my Nextcloud is and forward all ports to IP 192.168.0.3 and have my proxy and reverse proxy there. I managed to install using a docker compose file. I can see the dashboard, obviously with some errors in config, but that is not a big deal.
My question is: can I access my virtual machines using proxy and reverse proxy the way I have described above, or is Traefik only to be used with Docker containers installed on the same machine?

Thanks in advance for your replies,
Seb

In general, if you don’t use Traefik automatic Configuration Discovery over "providers" like Docker, you can just set up a router (with "rule: Host()") and a service (with "loadbalancer.server.url") manually in a dynamic config file, which is loaded in static config with providers.file. (Doc)

Just make sure that Traefik can reach your target services inside the VMs via IP.

And it seems Traefik can be installed directly on FreeBSD, no container or VM needed (link).

Thank you for your reply. This is how I installed Traefik, but unfortunately it's not showing the dashboard without a Docker container. I have the process up and running on FreeBSD but I am not able to access the dashboard. I looked at every possible tutorial and guide on Google, YouTube etc. If you know anybody who managed to get it to work, please provide me a link to the tutorial and I will follow it step by step. Next thing is my providers file is not being loaded. I declared all machines in lantraefik.yml and in the dashboard there is nothing and links do not work.

The doc has a configuration example:

# Dynamic Configuration
http:
  routers:
    dashboard:
      rule: Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
      service: api@internal
      middlewares:
        - auth
  middlewares:
    auth:
      basicAuth:
        users:
          - "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
          - "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"

Hi,

@bluepuma77 thanks for your reply. I am still fighting with traefik configuration. What I have managed to do so far is my traefik works from FreeBSD along with Dashboard and only if somehow I change ports in:
[entryPoints.web]
address = ":80"

[entryPoints.websecure]
address = ":443"

to something like:
[entryPoints.web]
address = ":8088"

[entryPoints.websecure]
address = ":8443"
otherwise service doesn't start up. There is nothing in the log and also I've checked if there is anything listening on port 80 and 443 on FreeBSD using netstat and there is nothing. Next thing I've added
[entryPoints.eptcp]
address = ":8888"
and in provider file I have added

http:
  routers:
    service1:
      rule: "Host(`s1.myprivatedomain.com`)"
      service: service1
    service2:
      rule: "Host(`s2.myprivatedomain.com`)"
      service: service2

  services:
    service1:
      loadBalancer:
        servers:
          - url: "http://192.168.0.2:8888"
    service2:
      loadBalancer:
        servers:
          - url: "http://192.168.0.3:80"

Everything shows up on dashboard I believe as it should because I can see things added but when I disconnect my wifi and use mobile data to access s1.myprivatedomain.com, website doesn't come up. I've tried adding in same config file tcp rules instead http - same results.
Can somebody please advise me how to solve problems:

  • starting the service with ports 80 and 443, or how to find out what prevents the service from starting up?
  • how to redirect traffic from outside to my virtual machines as I've tried I think all possible options in config file.

Obviously, before pointing at things such as the domain: I've got the correct domain in my config and it works fine, and the IP addresses work fine in the local network (http://192.168.0.2:8888 opens the website I want).

Searching on google didn't help.

Thanks in advance,
Seb

Two info bits:

  1. Ports below 1024 usually require special privileges. As BSD is very much about security, you might need to set that first.

  2. Ports 80+443 are used by web servers, maybe another service is already listening on them. On Linux you would use netstat -tulpn to check.
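
The two open questions in this thread (why the entry points will not start on 80/443, and whether a Host rule really routes to a VM) can be checked separately from the LAN. The script below is an added example, not part of the original posts or the Traefik documentation; the address 192.168.0.10 for the Traefik host is an assumed placeholder, while port 8088 and the host name come from the post above.

```python
import errno
import http.client
import socket


def bind_check(port, addr="0.0.0.0"):
    """Bind a TCP listener like an entry point would; name the failure."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((addr, port))
        s.listen(1)
        return "ok"
    except OSError as e:
        if e.errno == errno.EACCES:
            return "permission denied"  # reserved port, account lacks the privilege
        if e.errno == errno.EADDRINUSE:
            return "address in use"     # another listener already owns the port
        return f"other: {e.strerror}"
    finally:
        s.close()


def probe_route(entry_ip, entry_port, host, path="/", timeout=5):
    """Request `path` from an entry point with a chosen Host header.

    Returns the HTTP status, or a string if the entry point is unreachable.
    From Traefik, 404 means no router matched the Host; 502 means a router
    matched but the backend URL could not be reached.
    """
    conn = http.client.HTTPConnection(entry_ip, entry_port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Host": host})
        resp = conn.getresponse()
        resp.read()
        return resp.status
    except OSError as e:
        return f"unreachable: {e}"
    finally:
        conn.close()


if __name__ == "__main__":
    # Run as the account Traefik runs under, with Traefik stopped.
    for port in (80, 443):
        print(port, bind_check(port))
    # 192.168.0.10 is an assumed placeholder for the Traefik host on the LAN.
    print(probe_route("192.168.0.10", 8088, "s1.myprivatedomain.com"))
```

If the probe succeeds from the LAN but the site still fails from outside, the remaining suspects sit in front of Traefik: the router's port forward has to point at the entry point port actually in use (8088/8443 here, not 80/443).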

Off the top of my head, I used nginx on FreeBSD in the past and this was run with the www user without any problems, but I just asked on the FreeBSD forum if there are any special privileges needed. Regarding ports 80 and 443, I've checked with netstat and sockstat (another tool to check ports used) and there is absolutely nothing using either port. Especially since there is pretty much nothing on FreeBSD other than the firewall, named and samba. Everything I run is inside virtual machines, such as apache, plex etc.

By default the user www is allowed to use ports 80+443 :wink: