Traefik for idiots?
Traefik for idiots?
Does anyone have a guide to Traefik for an absolute idiot (myself)?
I was able to get a freshrss server running using dockercompose and was able to connect to it on my local network, but all the guides I read said I NEED to have a reverse proxy before I access it remotely.
This is probably my sign I need to actually learn how to use docker instead of being lazy as hell and copy/pasting code, but I thought I'd ask.
Or you could consider using Caddy instead: https://caddyserver.com/docs/quick-starts/reverse-proxy
15+1 for caddy. I had some issues with traefik and switched to caddy and it’s so easy!
Just need to learn the more advanced stuff for the Caddyfile like error redirects and what not.
8@fraydabson @krdo been curious about caddy before but I have no reason to switch from nginx-proxy-manager. Has anyone got any experience with both of these ? How do they compare?
1
Also consider there's a plugin designed to change its config dynamically through docker labels sort of like Traefik, although I can't say I've used it myself.
1I installed npm (Nginx Proxy Manager) without problems before I heard about Caddy.
Npm works well and requires zero maintenance, and it's easy to manually add redirects via the web ui when I start new Docker containers.
"If it works, don't fix it." But if I didn't have npm today I would try Caddy.
1
Consider Caddy … just uninstalled Traefik in favor of Caddy
10Caddy is the only reverse proxy I managed to setup. I failed miserably multiple times with Traefik and Nginx.
3
No, you don't need a reverse proxy. If you're accessing anything remotely, I highly recommend just setting up a VPN instead of exposing a bunch of different services to the Internet.
That said, traefik is dead simple. There's an example for docker-compose here: https://doc.traefik.io/traefik/user-guides/docker-compose/basic-example/
It's not completely secure, but I only use it so that I can access my services by name and over HTTPS. I don't have anything exposed to the Internet.
6In my setup I still use reverse proxy even though all of my services are inside a VPN. IMO it is just more convenient to have services accesible as subdomains or subdirectory than as different ports.
13
Techno Tim did a good video on traefik
4Here is an alternative Piped link(s): https://piped.video/watch?v=liV3c9m_OX8
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source, check me out at GitHub.
5
As stated before you don't need a reverse proxy. Since you are exposing port 8080 ( if you stuck the config on the docker hub page; "-p 8080:80") it is reachable from everywhere, where you have access to that machine.
A reverse proxy can expose many different services running either on the same machine or from a remote. As long as the reverse proxy is in the same docker network (usually "default") it can access your services without their ports exposed.
You can configure the reverse proxy to decide which backend service to call by path, dns name or other patterns.
A reverse proxy can also do TLS termination and get certificates from let's encrypt, so the backend services don't have to deal with it.
So if you run more than one service on the same machine and want to use TLS you normally want to use a reverse proxy.
I personally use traefik because I used to but I also used nginx and caddy. Whatever works for you. But I agree that caddy is easier to get going without a lot of boilerplate config.
2Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System HTTP Hypertext Transfer Protocol, the Web IP Internet Protocol SSL Secure Sockets Layer, for transparent encryption TLS Transport Layer Security, supersedes SSL VPN Virtual Private Network nginx Popular HTTP server
5 acronyms in this thread; the most compressed thread commented on today has 4 acronyms.
[Thread #43 for this sub, first seen 14th Aug 2023, 17:05] [FAQ] [Full list] [Contact] [Source code]
1