An in-depth guide on installing and setting up Traefik as a reverse proxy and securing it with Let’s Encrypt.
Here are the step-by-step instructions:
Step 1: Install Docker (if not already installed)
Install Docker according to the instructions for your operating system. You can find the installation guides on the official Docker website.
Step 2: Create a Docker network
Open a terminal or command prompt and run the following command:
docker network create web
Step 3: Prepare the Traefik configuration file
Create a directory on your machine to store the Traefik configuration files. For example, /path/to/traefik/config. Inside the configuration directory, create a file named traefik.toml and paste the following content:
# traefik.toml [api] dashboard = true [entryPoints] [entryPoints.http] address = ":80" [entryPoints.https] address = ":443" [providers.docker] exposedByDefault = false [certificatesResolvers.letsencrypt.acme] email = "[email protected]" storage = "acme.json" [certificatesResolvers.letsencrypt.acme.httpChallenge] entryPoint = "http"
Make sure to replace [email protected] with your actual email address.
Step 4: Create the Traefik container
Run the following command to create the Traefik container:
docker run -d \ --name=traefik \ -p 80:80 \ -p 443:443 \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /path/to/traefik/config:/etc/traefik \ -v /path/to/traefik/acme.json:/acme.json \ --network=web \ traefik:v2.4
Replace /path/to/traefik/config with your machine’s actual path to the Traefik configuration directory.
Step 5: Set up Let’s Encrypt for automatic SSL/TLS certificates
Run the following command to create the acme.json file and set its permissions:
touch /path/to/traefik/acme.json && chmod 600 /path/to/traefik/acme.json
Step 6: Configure and start your services
Start your other Docker containers or services you want to proxy through Traefik. You need to add the appropriate labels to the Docker container for each service. Here’s an example of how to configure a service:
docker run -d \ --name=myapp \ -p 8080:80 \ -l "traefik.enable=true" \ -l "traefik.http.routers.myapp.rule=Host(`myapp.example.com`)" \ -l "traefik.http.routers.myapp.entrypoints=http" \ --network=web \ myapp:latest
Replace myapp with the name of your service/container and myapp.example.com with your desired domain name.
Step 7: Test the setup
Open a web browser and visit http://your-domain.com. You should see the Traefik dashboard. Ensure you have proper DNS records for your domain and that it resolves to the server running Traefik. That’s it! You have successfully installed and set up Traefik as a reverse proxy. Let’s Encrypt will automatically generate SSL/TLS certificates for your services.
Please note that this guide assumes you have a basic understanding of Docker and DNS configuration. Make sure to adapt the instructions to your specific setup and requirements.