From f1f8c3dc785c3112147575ee3952e86f918867f7 Mon Sep 17 00:00:00 2001 From: korridor <26689068+korridor@users.noreply.github.com> Date: Fri, 13 Sep 2024 16:50:01 +0200 Subject: [PATCH 1/2] Update to traefik 3; Updated readme --- configs-local/traefik.yml | 9 +++--- configs-prod/traefik.yml | 9 +++--- docker-compose.local.yml | 2 +- docker-compose.prod.yml | 2 +- readme.md | 67 +++++++++++++++++++++------------------ 5 files changed, 49 insertions(+), 40 deletions(-) diff --git a/configs-local/traefik.yml b/configs-local/traefik.yml index 31b796b..215566b 100644 --- a/configs-local/traefik.yml +++ b/configs-local/traefik.yml @@ -13,10 +13,11 @@ entryPoints: address: ":8082" # Access logs -# accessLog: fields: -# headers: -# names: -# User-Agent: keep +#accessLog: +# fields: +# headers: +# names: +# User-Agent: keep providers: docker: diff --git a/configs-prod/traefik.yml b/configs-prod/traefik.yml index 9f21d05..edb23fe 100644 --- a/configs-prod/traefik.yml +++ b/configs-prod/traefik.yml @@ -13,10 +13,11 @@ entryPoints: address: ":8082" # Access logs -# accessLog: fields: -# headers: -# names: -# User-Agent: keep +#accessLog: +# fields: +# headers: +# names: +# User-Agent: keep providers: docker: diff --git a/docker-compose.local.yml b/docker-compose.local.yml index ae3d63e..17168e6 100644 --- a/docker-compose.local.yml +++ b/docker-compose.local.yml @@ -6,7 +6,7 @@ networks: - subnet: 10.100.100.0/24 services: traefik: - image: traefik:2.11.3 + image: traefik:v3.1.2 restart: always container_name: reverse_proxy_traefik ports: diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 353615e..613f97c 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -3,7 +3,7 @@ networks: driver: bridge services: traefik: - image: traefik:2.11.3 + image: traefik:v3.1.2 restart: always container_name: reverse_proxy_traefik ports: diff --git a/readme.md b/readme.md index 36a205f..b6c6cba 100644 --- a/readme.md +++ b/readme.md @@ -1,35 +1,32 @@ -# Traefik 2 config +# Traefik Setup with Docker Compose - -This is a resuseable traefik config for usage on a virtual server or for local debelopment using docker-compose. +This is a reusable Traefik config for usage on a virtual server or for local development using Docker Compose. It uses: - - Traefik 2 - - docker-compose - - Let's encrypt + - [Traefik 3](https://traefik.io/traefik/) + - [Docker](https://www.docker.com/) + - [Let's encrypt](https://letsencrypt.org/) (Optional) > [!NOTE] > Check out **solidtime - The modern Open Source Time-Tracker** at [solidtime.io](https://www.solidtime.io) ## Table of content -- [Traefik 2 config](#traefik-2-config) - - [Table of content](#table-of-content) - - [Production setup](#production-setup) - - [Setting up traefik](#setting-up-traefik) - - [Traefik dashboard](#traefik-dashboard) - - [Connect docker compose service to reverse-proxy](#connect-docker-compose-service-to-reverse-proxy) - - [SSL configuration](#ssl-configuration) - - [Global middlewares](#global-middlewares) - - [Access Logs](#access-logs) - - [Setup for local development](#setup-for-local-development) - - [Setting up traefik](#setting-up-traefik-1) - - [Traefik dashboard](#traefik-dashboard-1) - - [Connect docker compose service to reverse-proxy](#connect-docker-compose-service-to-reverse-proxy-1) - - [Enable SSL locally](#enable-ssl-locally) - - [Enable SSL in the docker compose file](#enable-ssl-in-the-docker-compose-file) - - [FAQ](#faq) - - [Credits](#credits) - - [License](#license) + * [Production setup](#production-setup) + + [Setting up traefik](#setting-up-traefik) + + [Traefik dashboard](#traefik-dashboard) + + [Connect docker compose service to reverse-proxy](#connect-docker-compose-service-to-reverse-proxy) + + [SSL configuration](#ssl-configuration) + + [Global middlewares](#global-middlewares) + + [Access Logs](#access-logs) + * [Setup for local development](#setup-for-local-development) + + [Setting up traefik](#setting-up-traefik-1) + + [Traefik dashboard](#traefik-dashboard-1) + + [Connect docker compose service to reverse-proxy](#connect-docker-compose-service-to-reverse-proxy-1) + + [Enable SSL locally](#enable-ssl-locally) + + [Enable SSL in the docker compose file](#enable-ssl-in-the-docker-compose-file) + * [FAQ](#faq) + * [Credits](#credits) + * [License](#license) ## Production setup @@ -82,14 +79,14 @@ It uses: ```bash docker compose up -d ``` -7. Check that traefik is running smoothly +7. Check that Traefik is running smoothly ```bash docker compose logs ``` ### Traefik dashboard -The traefik dashboard is now available under: +The Traefik dashboard is now available under: ``` https://reverse-proxy.somedomain.com ``` @@ -198,7 +195,7 @@ Examples: ### Access Logs -To enable the traefik access logs in the production configuration, open the file `traefik.yml` within the config folder and uncomment the `accessLog` section. +To enable the Traefik access logs in the production configuration, open the file `traefik.yml` within the config folder and uncomment the `accessLog` section. ```yml # Access logs @@ -207,7 +204,7 @@ accessLog: {} ## Setup for local development -### Setting up traefik +### Setting up Traefik 1. Clone repository ```bash @@ -245,7 +242,7 @@ accessLog: {} ### Traefik dashboard -The traefik dashboard is now available under: +The Traefik dashboard is now available under: ``` http://reverse-proxy.test ``` @@ -286,7 +283,7 @@ services: **Specifying port if service exposes multiple ports** -If your service exposes multiple ports traefik does not know which one it should use. +If your service exposes multiple ports Traefik does not know which one it should use. With this config line you can select one: ```yaml @@ -349,6 +346,16 @@ services: - ... ``` +## FAQ + +**I have a IPv6-only server, what do I need to change?** + +GitHub currently does not support cloning a repository over IPv6. You can clone from my Codeberg mirror instead: + +```bash +git clone https://codeberg.org/korridor/reverse-proxy-docker-traefik.git +``` + ## Credits I used the following resources to create this setup: From 5a31d5d17defd088dd640fcda202e25bd6239d79 Mon Sep 17 00:00:00 2001 From: korridor <26689068+korridor@users.noreply.github.com> Date: Fri, 13 Sep 2024 16:54:33 +0200 Subject: [PATCH 2/2] Add tests for production setup --- .github/workflows/tests.yml | 24 ++++++++++++++++++++++++ examples/docker-compose.prod.yml | 19 +++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 examples/docker-compose.prod.yml diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index f88e2da..b45032d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -25,3 +25,27 @@ jobs: run: cd examples && docker compose -f docker-compose.local.yml up -d - name: 'Test hello-world' run: curl http://hello-world.test + prod-setup: + runs-on: ubuntu-latest + steps: + - name: 'Checkout code' + uses: actions/checkout@v4 + - name: 'Setup Docker' + uses: docker-practice/actions-setup-docker@master + - name: 'Debug versions' + run: | + docker --version + - name: 'Add hosts to /etc/hosts' + run: | + sudo echo "127.0.0.1 reverse-proxy.test" | sudo tee -a /etc/hosts + sudo echo "127.0.0.1 hello-world.test" | sudo tee -a /etc/hosts + - name: 'Copy configuration files' + run: cp -r configs-local configs + - name: 'Start reverse proxy with local setup' + run: docker compose -f docker-compose.prod.yml up -d --wait + - name: 'Test dashboard' + run: curl http://reverse-proxy.test/dashboard/#/ + - name: 'Start hello-world example' + run: cd examples && docker compose -f docker-compose.prod.yml up -d + - name: 'Test hello-world' + run: curl http://hello-world.test diff --git a/examples/docker-compose.prod.yml b/examples/docker-compose.prod.yml new file mode 100644 index 0000000..57bd67c --- /dev/null +++ b/examples/docker-compose.prod.yml @@ -0,0 +1,19 @@ +version: '3.8' +services: + hello-world: + image: nginx + labels: + - "traefik.enable=true" + - "traefik.docker.network=reverse-proxy-docker-traefik_routing" + - "traefik.http.routers.test.rule=Host(`hello-world.test`)" + - "traefik.http.routers.test.entrypoints=web" + - "traefik.http.services.test.loadbalancer.server.port=80" + - "traefik.http.routers.test-https.rule=Host(`hello-world.test`)" + - "traefik.http.routers.test-https.entrypoints=websecure" + - "traefik.http.routers.test-https.tls=true" + networks: + - reverse-proxy +networks: + reverse-proxy: + name: reverse-proxy-docker-traefik_routing + external: true