ealcantara22 / traefik

Traefik HTTP reverse proxy base configuration with SSL certificate support.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool


Traefik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with with multiples infrastructure components (Docker, Kubernetes, ...) and configures itself automatically and dynamically.

This project focuses on the steps needed to setup a local Traefik environment.

Note: This guide asumes that you already have Docker and Docker Compose installed on your system.

Getting and running traefik

  1. Add all the domains you need to your /etc/hosts file.   localhost.traefik.com   localhost.site.com
  2. Create an external Docker network, it will be used to connect traefik to other services.

    docker network create docker_default
  3. Clone this repository

    git clone https://github.com/ealcantara22/traefik.git
    cd traefik
  4. Copy the .env.sample file as .env and fill it with the information you used in steps 1 and 2.

    cp .env.sample .env
  5. Start traefik and verify that http://localhost.traefik.com/dashboard/ works. The final / is mandatory.

    docker-compose up -d

Generating an SSL certificate

I like to run all my apps locally using HTTPS for multiple reasons, and the easiest way for me to accomplish that is supporting all the apps and services domain that I need in a single certificate by using a Multi-Domain (SAN) Certificate.

  1. Edit the openssl.conf.

    1.1. Replace the distinguished name (dn) section with your informacion. You can read more about these values here.

    ST=State or Province name
    L=Locality name
    CN=Common Name
    O=Organization name
    OU=Organizational Unit name
    emailAddress=Email address

    1.2. Add all the domain names you need in the alt_names section.

  2. Generate the certificate by executing the generate-ssl.sh script located in the scripts directory. You will notice that a cert.crt and cert.key files were created.

    cd scripts && ./generate-ssl.sh

Adding SSL Certificates to traefik

Now that you bought or generate a certificate, add it to traefik is really easy.

  1. Place your certificate files (generally a .crt and a .key files) inside the certs directory.

  2. Rename the tlsOptions.toml.sample file place in the dynamic directory to tlsOptions.toml.

    mv tlsOptions.toml.sample tlsOptions.toml
  3. Edit the tlsOptions.toml file content with your certificate file information using the configuration that best suits your needs. Read more here


  1. Create this docker-composer.yml file and run docker-compose up.
    version: "3.3"
        external: true
        image: nginx:latest
        - docker_default
        - traefik.enable=true
        - traefik.docker.network=docker_default
        - traefik.http.routers.nginx.entryPoints=https
        - traefik.http.routers.nginx.rule=Host(`localhost.nginx.com`)
        - traefik.http.routers.nginx.tls=true
  2. Open your favorite web browser and go to localhost.nginx.com.


There's always room for improvements, please submit a issue or a pull request if you have the time.


Traefik HTTP reverse proxy base configuration with SSL certificate support.


Language:Shell 100.0%