Introduction
In this tutorial we will go trough the following things:
- Setup and configure Traefik in a Docker container
- Let’s Encrypt setup for automatic HTTPS certificates
- Deploy a simple service (Portainer) and expose it to the internet
You will find all the required configuration files in our Git repository.
EDIT: Unfortunately there is currently an issue with embedded Gists on the Medium Desktop site (mobile works fine). You can find all our Gists here.
Prerequisites
In order to follow along, you need these things:
- Docker (obviously)
- Docker Compose
- A domain
- Ports 80 and 443 forwarded to your Docker host
Setup and configure Traefik with Let’s Encrypt
Let’s get started by setting up Traefik.
First, create a directory for our containers:
mkdir -p /opt/containers/{traefik,portainer}
Create the data folder and config files for Traefik:
mkdir -p /opt/containers/traefik/datatouch /opt/containers/traefik/data/acme.jsonchmod 600 /opt/containers/traefik/data/acme.jsontouch /opt/containers/traefik/data/traefik.yml
The acme.json
file is the storage file for the HTTPS certificates.
Now we create the basic Traefik configuration file:
Please change the email
address for the certificatesresolvers at line 18.
Here is the Docker Compose file for Traefik:
Using this compose file, Traefik will also expose a dashboard (Line 32). Please change the host rule at line 23 and 28 to your subdomain.
In addition, change the credentials at line 24. Those credentials must be in htpasswd format.
To generate htpasswd credentials, you can use the following command. Change <USER>
and <PASS>
echo $(htpasswd -nbB <USER> "<PASS>") | sed -e s/\$/\$\$/g
Once that’s done we can create the proxy network an fire up Traefik:
docker network create proxycd /opt/containers/traefikdocker-compose up -d
Visit traefik.example.com and enjoy the new dashboard.
Deploy Portainer
Here is the Docker Compose file for Portainer:
Again, change the subdomain portainer.example.com at line 18 and 22.
Fire up Portainer:
cd /opt/containers/portainerdocker-compose up -d
You can now visit Portainer by browsing to portainer.example.com