tiredofit/docker-traefik tiredofit/docker-traefik

  • Stars
    star
    29
  • Rank 860,307 (Top 17 %)
  • Language
    Dockerfile
  • License
    MIT License
  • Created over 5 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
tiredofit/docker-traefik
github

tiredofit

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Dockerized Traefik Reverse Proxy with customizable options

github.com/tiredofit/docker-traefik

GitHub release Build Status Docker Stars Docker Pulls Become a sponsor Paypal Donate

About

This will build an image for Traefik a modernized proxy built in GO built for containerized service deployment.

  • Sane Defaults to have a working solution by just running the image
  • Automatically generates configuration files on startup, or option to use your own
  • Supports most traditional use cases w/Docker
  • Choice of Logging (Console, File w/logrotation)

This is an incredibly complex piece of software that will tries to get you up and running with sane defaults, you will need to switch eventually over to manually configuring the configuration file when depending on your usage case

Maintainer

Table of Contents

Prerequisites and Assumptions

  • Assumes you have access to create records on your DNS server to be able to fully use this image. While it will work locally, features such as certificate issuance via LetsEncrypt will fail without proper resolving DNS.

Installation

Build from Source

Clone this repository and build the image with docker build -t (imagename) .

Prebuilt Images

Builds of the image are available on Docker Hub

docker pull docker.io/tiredofit/traefik:(imagetag)

Builds of the image are also available on the Github Container Registry

docker pull ghcr.io/tiredofit/docker-traefik:(imagetag)

The following image tags are available along with their tagged release based on what's written in the Changelog:

Traefik Version OS Base Tag
latest Alpine :latest
2.9.x Alpine :2.9-latest
2.8.x Alpine :2.8-latest
2.7.x Alpine :2.7-latest
2.6.x Alpine :2.6-latest
2.5.x Alpine :2.5-latest
2.4.x Alpine :2.4-latest
2.3.x Alpine :2.3-latest
2.2.x Alpine :2.2-latest
1.7.x Alpine :1.7-latest

Multi Architecture

Images are built primarily for amd64 architecture, and may also include builds for arm/v7, arm64 and others. These variants are all unsupported. Consider sponsoring my work so that I can work with various hardware. To see if this image supports multiple architecures, type docker manifest (image):(tag)

Configuration

Quick Start

  • The quickest way to get started is using docker-compose. See the examples folder for a working compose.yml that can be modified for development or production use.

  • Set various environment variables to understand the capabilities of this image.

  • Map persistent storage for access to configuration and data files for backup.

_This image in it's auto configured state allows for using less labels than usual. This is what I use in my produciton environments, and if I need to add more configuration options I do, but if you are simply using as an HTTP/HTTPS reverse proxy you can get by with the bare minimum on your proxied containers as such:

      - traefik.enable=true
      - traefik.http.routers.whoami.rule=Host(`whoami.example.com`) || Host(`whoami2.example.com`)
      - traefik.http.services.whoami.loadbalancer.server.port=80

Persistent Storage

The following directories/files should be mapped for persistent storage in order to utilize the container effectively.

Folder Description
/data/config (Optional) - Traefik core configuration files. Auto Generates on Container startup
/data/config/custom (Optional) - If using manual mode and wish to add dynamic File configuration, add it in here (.yml)
/data/logs (Optional) - Logfiles if you wish to store to files
/data/certs (Optional) - If you wish to utilize ACME/LetsEncrypt Certificates or SSL map this directory
/var/run/docker.sock Easiest way to get going - Map the hosts docker socket to the container

Environment Variables

Base Images used

This image relies on an Alpine Linux or Debian Linux base image that relies on an init system for added capabilities. Outgoing SMTP capabilities are handlded via msmtp. Individual container performance monitoring is performed by zabbix-agent. Additional tools include: bash,curl,less,logrotate, nano. Be sure to view the following repositories to understand all the customizable options:

Image Description
OS Base Customized Image based on Alpine Linux

There are a huge amount of configuration variables and it is recommended that you get comfortable for a few hours with the Traefik Documentation

You will eventually based on your usage case switch over to SETUP_TYPE=MANUAL and edit your own config.yml. While I've tried to make this as easy to use as possible, once in production you'll find much better success with large implementations with this approach.

By Default this image is ready to run out of the box, without having to alter any of the settings with the exception of the docker-compose.yml hostname/domainname variables/labels.

General Settings

Parameter Description Default
SETUP_TYPE AUTO to auto generate config on bootup, Otherwise MANUAL lets admin control configuration. AUTO
CONFIG_FILE Configuration file to load config.toml
CHECK_NEW_VERSION Check for new Traefik Release FALSE
SEND_ANONYMOUS_USAGE Send Anonymous Usage Stats FALSE
TRAEFIK_USER Run traefik as user (options: root or traefik) `root
CONFIG_CUSTOM_PATH Where to store custom/dynamic files ${CONFIG_PATH}/custom/
CONFIG_PATH Where configuration files are kept ${DATA_PATH}/config
DATA_PATH Root Volatile Data folder /data/
LOG_PATH Log Path ${DATA_PATH}/logs

Logging Settings

Parameter Description Default
ACCESS_LOG_FILE File to store access log - Same directory as TRAEFIK_LOG_PATH access.log
ACCESS_LOG_FORMAT Format to store logs in common / json common
ACCESS_LOG_TYPE Display logs via CONSOLE or write to FILE CONSOLE
LOG_FORMAT Format to store logs in common / json common
LOG_TYPE Display logs via CONSOLE or write to FILE CONSOLE
LOG_LEVEL Log levels DEBUG INFO WARN ERROR FATAL ERROR

Docker Settings

Parameter Description Default _FILE
ENABLE_DOCKER Enable Docker Mode TRUE
DOCKER_ENDPOINT How to connect to Docker unix:///var/run/docker.sock x
DOCKER_CONSTRAINTS Docker Constraints ""
DOCKER_DEFAULT_HOST_RULE Docker Access rule - Default: Host({{ normalize .Name }}) "Host({{ normalize .Name }})"
DOCKER_DEFAULT_NETWORK Default Network for Traefik to operate on proxy
DOCKER_HTTP_TIMEOUT Timeout in seconds for HTTP connections 600
ENABLE_DOCKER_SWARM_MODE Enable Swarm Mode FALSE
DOCKER_SWARM_MODE_REFRESH Swarm refresh in seconds 15
DOCKER_EXPOSE_CONTAINERS Expose Containers by Default FALSE

HTTP/HTTPS Settings

Parameter Description Default
ENABLE_HTTP Enable HTTP Support TRUE
ENABLE_HTTP_FORWARDED_HEADERS Enable HTTP Forwarded Headers FALSE
HTTP_LISTEN_IP Address to bind for HTTP 0.0.0.0
HTTP_LISTEN_PORT Port to bind for HTTP 80
HTTP_TIMEOUT_ACCEPTGRACE Accept Grace Timeout 0
HTTP_TIMEOUT_GRACE Grace Timeout 10
HTTP_TIMEOUT_IDLE Idle Timeout 180
HTTP_TIMEOUT_READ Read Timeout 0
HTTP_TIMEOUT_WRITE Write Timeout 0
ENABLE_COMPRESSION_HTTP Enable Gzip Compression TRUE
ENABLE_HTTP_PROXY_PROTOCOL Enable HTTP Proxy Protocol Support FALSE
ENABLE_HTTP3 Enable HTTP3 support FALSE
ENABLE_HTTPS Enable HTTPS Support TRUE
HTTP3_LISTEN_PORT UDP port to bind for HTTP3 443
HTTPS_ENTRYPOINT Name of HTTP Entrypoint websecure
ENABLE_HTTPS_FORWARDED_HEADERS Enable HTTPS Forwarded Headers FALSE
HTTPS_LISTEN_IP Address to bind for HTTP 0.0.0.0
HTTPS_LISTEN_PORT Port to bind for HTTPS 443
HTTPS_TIMEOUT_ACCEPTGRACE Accept Grace Timeout 0
HTTPS_TIMEOUT_GRACE Grace Timeout 10
HTTPS_TIMEOUT_IDLE Idle Timeout 180
HTTPS_TIMEOUT_READ Read Timeout 0
HTTPS_TIMEOUT_WRITE Write Timeout 0
ENABLE_COMPRESSION_HTTPS Enable Gzip Compression TRUE
ENABLE_HTTPS_UPGRADE Automatically forward HTTP -> HTTPS TRUE
ENABLE_HTTPS_SNI_STRICT Enable Strict SNI Checking for Certificates FALSE
ENABLE_HTTPS_PROXY_PROTOCOL Enable HTTP Proxy Protocol Support FALSE
TRUSTED_IPS Use for Proxy Protocol Variables - Comma Seperated. 127.0.0.1/32,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
TLS_MINIMUM_VERSION Set TLS Minimum Version for HTTPS VersionTLS12
TLS_CIPHERS Set Ciphers TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305

LetsEncrypt Settings

Parameter Description Default _FILE
ENABLE_LETSENCRYPT Enable LetsEncrypt Certificate Generation TRUE
LETSENCRYPT_EMAIL Email address to register with Letsencrypt x
LETSENCRYPT_CHALLENGE Use HTTP, TLS, or DNS Challenges HTTP
LETSENCRYPT_KEYTYPE Keytype to use EC256 EC384 RSA2048 RSA4096 RSA8192 RSA4096
LETSENCRYPT_SERVER Use PRODUCTION or STAGING server PRODUCTION
LETSENCRYPT_STORAGE_FILE What file to store ACME certificates in acme.json
LETSENCRYPT_STORAGE_PATH What path to store ACME certificates in: /traefik/certs/ ${DATA_PATH}/certs
LETSENCRYPT_DNS_PROVIDER See Traefik Documentation for values if using DNS Challenge
LETSENCRYPT_DNS_RESOLVER Comma Seperated values values if using DNS Challenge e.g. 1.1.1.1:53,1.0.0.1:53
LETSENCRYPT_DNS_CHALLENGE_DELAY Wait for seconds before challenging 15
LETSENCRYPT_WILDCARD_DOMAINS Create wildcard domains in this comma seperated values e.g. example.com,domain.tld x

If using DNS Challenges, you will need to add additional Environment Variables for your DNS servers API/credentials See Traefik Documentation.

Metrics

Parameter Description Default
ENABLE_METRICS Enable Metrics TRUE
METRICS_TYPE Metrics Type prometheus prometheus
METRICS_LISTEN_IP Listen IP 0.0.0.0
METRICS_LISTEN_PORT Metrics Listen Port 8082
METRICS_ENTRYPOINT Metrics Entrypoint metrics

API / Dashboard Settings

Parameter Description Default _FILE
ENABLE_API Enable Dashboard TRUE
ENABLE_PING Enable Ping test/Health Check TRUE
ENABLE_DASHBOARD Enable Dashboard TRUE
DASHBOARD_HOSTNAME Hostname to respond for Dashboard e.g. traefik.example.com x
ENABLE_DASHBOARD_AUTHENTICATION Enable Dashboard Authentication TRUE
DASHBOARD_ADMIN_USER Username for access to Dashboard admin x
DASHBOARD_ADMIN_PASS Password for access to Dashboard traefik x
DASHBOARD_AUTHENTICATION Only type is BASIC at this time

Certificate Dumper Settings

Parameter Description Default
ENABLE_CERTIFICATE_DUMPER Enable Dumping of Certificates from acme.json TRUE
CERTIFICATE_DUMPER_PATH Where to put the dumped certificates ${LETSENCRYPT_STORAGE_PATH}/dump
CERTIFICATE_DUMPER_POST_HOOK optional Argument or external script to execute post dumping of certificates Where to put the dumped certificates - e.g. chmod 644 ${CERTIFICATE_DUMPER_PATH}
CERTIFICATE_DUMP_SUBDIRECTORIES Create subdirectories of hosts TRUE
CLEAN_DUMP_PATH Clean Dump path before redumping FALSE

Server Transports

Parameter Description Default
SERVER_TRANSPORT_INSECURE_SKIP_VERIFY Disable Certificate verification on Server Transports FALSE

Networking

The following ports are exposed.

Port Description
80 HTTP
443 HTTPS

Maintenance

Inside the image are tools to perform modification on how the image runs.

Shell Access

For debugging and maintenance purposes you may want access the containers shell.

docker exec -it (whatever your container name is e.g. traefik) bash

Contributions

Welcomed. Please fork the repository and submit a pull request for any bug fixes, features or additions you propose to be included in the image. If it does not impact my intended usage case, it will be merged into the tree, tagged as a release and credit to the contributor in the CHANGELOG.

Support

These images were built to serve a specific need in a production environment and gradually have had more functionality added based on requests from the community.

Usage

  • The Discussions board is a great place for working with the community on tips and tricks of using this image.
  • Sponsor me for personalized support

Bugfixes

  • Please, submit a Bug Report if something isn't working as expected. I'll do my best to issue a fix in short order.

Feature Requests

  • Feel free to submit a feature request, however there is no guarantee that it will be added, or at what timeline.
  • Sponsor me regarding development of features.

Updates

  • Best effort to track upstream changes, More priority if I am actively using the image in a production environment.
  • Sponsor me for up to date releases.

License

MIT. See LICENSE for more details.

References

More Repositories

1

docker-freepbx

Dockerized FreePBX 15 w/Asterisk 17, Seperate MySQL Database support, and Data Persistence and UCP
496
star
2

docker-db-backup

Backup multiple database types on a scheduled basis with many customizable options
Dockerfile
472
star
3

docker-traefik-cloudflare-companion

Automatically Create CNAME records for containers served by Traefik
Python
274
star
4

docker-freescout

Dockerized Freescout Helpdesk
Dockerfile
146
star
5

docker-self-service-password

Dockerized LDAP Tollbox Self Service Password Changer with many customizable options
Dockerfile
115
star
6

docker-nginx-php-fpm

Dockerized Nginx + PHP FPM images with many customizable options
Dockerfile
106
star
7

docker-openldap

Dockerized OpenLDAP server with many customizable options
99
star
8

docker-jitsi-meet

Docker Jitsi Meet WebRTC conferencing system w/Prosody XMPP and s6 overlay
Dockerfile
64
star
9

docker-collabora-online

Dockerized Collabora Office Online with customizable options
Dockerfile
62
star
10

docker-osticket

Dockerized Help Desk Software
PHP
48
star
11

docker-tinc

Docker Tinc VPN Mesh server w/S6 Overlay Init, Zabbix Monitoring, and distributed configuration updating based on Alpine
Dockerfile
43
star
12

docker-postal

Dockerized Postal SMTP Server based on Alpine Linux and Ruby
Dockerfile
40
star
13

docker-fusiondirectory

Dockerized FusionDirectory LDAP Manager
Dockerfile
39
star
14

docker-lemonldap

Dockerized Authentication Server with Single Sign On SAML, OpenID Connect, CAS, and Header support
Dockerfile
39
star
15

docker-openldap-fusiondirectory

Dockerized OpenLDAP server with FusionDirectory Schema Support
34
star
16

docker-wordpress

Dockerized Wordpress Image with customizable options
Python
31
star
17

docker-alpine

Docker Alpine Linux Base Images
Dockerfile
30
star
18

docker-mongodb-backup

Docker MongoDB Backup Container based on Alpine w/S6 init, Zabbix Monitoring
Dockerfile
28
star
19

docker-nginx-proxy-cloudflare-companion

Automatically update CNAME records when Docker container starts via Cloudflare
Python
27
star
20

docker-spamassassin

Docker Spamassassin Spam filtering based on Alpine Linux
Dockerfile
26
star
21

docker-clamav

Docker ClamAV Image with Zabbix Monitoring and Customizable Configuration
Dockerfile
23
star
22

docker-baserow

Dockerized Baserow No/Low code data management application based on Alpine
Dockerfile
22
star
23

docker-nginx

Dockerzed webserver with many customizable options
Dockerfile
22
star
24

docker-nextcloud

Dockerized Nextcloud Server with many customizable options
17
star
25

docker-gitlab-ee

Dockerized Gitlab Enterprise Edition
Dockerfile
17
star
26

docker-debian

Docker Debian Base Images
Dockerfile
15
star
27

docker-discourse

Dockerized Discourse Forum
Dockerfile
15
star
28

docker-backuppc

Docker BackupPC with Zabbix monitoring support
Perl
15
star
29

docker-gcds

Docker Google Cloud Directory Sync service (GADS) w/S6 Overlay, Zabbix Monitoring
Dockerfile
14
star
30

docker-mariadb-backup

Docker MariaDB Backup Container w/ S6 Overlay, Zabbix Monitoring based on Alpine
Dockerfile
13
star
31

docker-zabbix

Dockerized Zabbix Server, Proxy, and Frontend
Dockerfile
13
star
32

docker-insync

Docker Insync Headless Client
Dockerfile
12
star
33

docker-rspamd

Dockerized Anti Spam Filter
Python
12
star
34

docker-nginx-ldap

Docker Nginx Image w/LDAP Authentication, Zabbix agent monitoring, S6 init, logrotate based on Alpine
Dockerfile
11
star
35

docker-bookstack

Dockerized Information Manager
Dockerfile
11
star
36

docker-mariadb

Docker MariaDB server w/ S6 Overlay, Zabbix Monitoring based on Alpine
11
star
37

docker-gitlab

Dockerized Gitlab CE w/Alpine Linux, Zabbix Monitoring and S6 Overlay
Dockerfile
10
star
38

docker-staytus

Docker Staytus Image w/s6 overlay, zabbix monitoring based on Alpine
HTML
10
star
39

docker-leantime

Dockerized Project Managment tool with many configurable options
Dockerfile
10
star
40

docker-otrs

Dockerized OTRS ITSM Helpdesk/Ticketing System based on Alpine w/Nginx
Dockerfile
9
star
41

docker-unbound

Docker Unbound DNS Resolver based on Alpine
Dockerfile
9
star
42

docker-postgres

Dockerized Postgresql Server with multiple databases/users, replication, and monitoring support
Dockerfile
9
star
43

docker-postfix

Dockerized MTA with many customizable features, LDAP, SASL, Milter, Relay Support
Dockerfile
8
star
44

docker-matomo

Dockerized Matomo (Piwik) Analytics
Dockerfile
8
star
45

docker-yourls

Dockerized YOURLS link shortener based on Alpine
Dockerfile
8
star
46

docker-invoiceninja

Dockerized Invoicing web application
Dockerfile
7
star
47

docker-nodejs

Docker NodeJS Base Images
7
star
48

docker-postfix-relay

Dockerized Postfix Relay for easy SMTP capabilities
Shell
7
star
49

docker-openvpn

Dockerized OpenVPN server w/Alpine+Debian Variants w/s6 overlay, and LDAP Authentication support
7
star
50

docker-rocketchat

Docker Rocketchat Server with S6 Initsystem and Zabbix Monitoring based on Alpine
6
star
51

docker-kopano

Dockerized Kopano Groupware server
Dockerfile
6
star
52

docker-n8n

Dockerized n8n workflow automation tool
Dockerfile
6
star
53

docker-listmonk

Dockerized Listmonk Mailing List server built iwth Alpine w/Zabbix Monitoring
Dockerfile
6
star
54

docker-cpuminer

Cryptocurrency Miner based on Alpine
6
star
55

docker-kopano-core

Dockerized Kopano Groupware Server
6
star
56

docker-grafana

Dockerfile
5
star
57

docker-moodle

Dockerized Moodle Learning Management System
Dockerfile
5
star
58

docker-loki

Dockerized Loki Log Analyzer
Dockerfile
5
star
59

docker-teampass

Dockerized Password Vault for Teams based on Alpine w/nginx,php-fpm
Dockerfile
5
star
60

docker-orbeon

Docker Orbeon Forms CE w/S6 Init, Tomcat, based on Alpine
Dockerfile
5
star
61

docker-redis

Docker Redis Server with S6 Initsystem and Zabbix Monitoring based on Alpine
5
star
62

docker-elasticsearch

Dockerized Elasticsearch based on Alpine linux
4
star
63

fusiondirectory-plugin-kopano

Plugin to manage users/groups for Kopano (fork of Zarafa) within Fusion Directory LDAP Manager
PHP
4
star
64

docker-novnc

Run GUI applications within a browser - Base image
Dockerfile
4
star
65

docker-flarum

Dockerized Flarum Web Forum Software based on Alpine
Shell
4
star
66

docker-registry

Dockerized Docker Registry
Dockerfile
4
star
67

docker-rabbitmq

Dockerized RabbitMQ server
Python
4
star
68

docker-gitlab-runner

Docker Gitlab runner w/ Zabbix monitoring support based on Alpine
4
star
69

docker-openeats

Dockerized Openeats Recipe manager based on Alpine Linux w/Zabbix Monitoring
Dockerfile
3
star
70

docker-restic

Dockerized Backup application
Dockerfile
3
star
71

docker-dovecot

Docker Dovecot IMAP server based on Alpine w/LDAP Support
TSQL
3
star
72

docker-uptimekuma

Dockerized Service availability monitoring system
Dockerfile
3
star
73

docker-draw-io

Docker Draw.IO image based on Alpine and Nginx
3
star
74

docker-logrotate

Docker Logrotate to keep logfiles compressed and rotated based on Alpine
Shell
3
star
75

docker-mailhog

Dockerized SMTP Test server
Dockerfile
3
star
76

docker-cachet

Dockerized Cachet Status monitoring application based on Alpine Linux
Dockerfile
3
star
77

docker-sentry

Dockerized Sentry.IO Exception tracking system based on Debian w/LDAP and SAML
Python
3
star
78

docker-airsonic-advanced

Dockerized Airsonic Advanced Server based on Alpine
Dockerfile
3
star
79

docker-limesurvey

Dockerized Limesurvey application based on Alpine
Dockerfile
3
star
80

docker-mongo

Docker MongoDB server w/ S6 Overlay, Zabbix Monitoring based on Alpine
3
star
81

docker-haraka

Docker Haraka MTA based on Alpine
JavaScript
3
star
82

docker-ruby

Docker Ruby base images w/ S6 Overlay and Zabbix monitoring support
3
star
83

docker-ubuntu

Dockerized Ubuntu Base Images
Dockerfile
2
star
84

docker-memcached

Docker Memcached Server w/ S6 Initsystem and Zabbix Monitoring based on Alpine
Dockerfile
2
star
85

home

Home-Manager configuration ala Nix flakes
Nix
2
star
86

docker-kopano-meet

Dockerfile
2
star
87

docker-soulseek

Dockerized Soulseek Client
Dockerfile
2
star
88

docker-kopano-kapi

Dockerfile
2
star
89

docker-kopano-konnect

Dockerfile
2
star
90

docker-olefy

Dockerized Olefy TCP listener for OLE Tools
Dockerfile
2
star
91

docker-logchimp

Dockerized Logchimp Application
Dockerfile
2
star
92

docker-transmission

Dockerized Transmission client
Dockerfile
2
star
93

docker-dind

Docker in Docker Image with Zabbix monitoring Support and --squash --compress options by default based on Alpine
Dockerfile
2
star
94

docker-matrix-bridges

Dockerized Matrix Bridges to interconnect services
Dockerfile
2
star
95

docker-monica

Dockerized Monica PRM
Dockerfile
2
star
96

tiredofit

2
star
97

docker-minio

Dockerized Minio Server based on Alpine
Dockerfile
2
star
98

docker-tomcat

Docker Apache Tomcat based on Alpine
2
star
99

docker-mongo-builder

Docker Image to build MongoDB and associated tools for Alpine Edge from aports/non-free
Dockerfile
2
star
100

nixos-config

NixOS configurations
Nix
1
star