Traefik service proxy

Submitted by Erik Wegner on Mon, 10/22/2018 - 22:10

Any recent server is powerful enough to host several web applications. Those applications are usually behind a proxy that handles routing, encryption and authentication. Enter Traefik.

        
          Unit file for systemd
          
              
              [Unit]
Description=Traefik Proxy
[Service]
ExecStart=/opt/traefik -c /etc/traefik.toml
Restart=always
StandardOutput=syslog
SyslogIdentifier=traefik
User=root
Group=root
[Install]
WantedBy=default.target

            

        
      

Unit file for systemd
1 2 3 4 5 6 7 8 9 10 11	`[Unit]` `Description=Traefik Proxy` `[Service]` `ExecStart=/opt/traefik -c /etc/traefik.toml` `Restart=always` `StandardOutput=syslog` `SyslogIdentifier=traefik` `User=root` `Group=root` `[Install]` `WantedBy=default.target`

A sample configuration file with Let's encrypt support:

/etc/traefik.toml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81	`################################################################` `# Global configuration` `################################################################` `# Enable debug mode` `#` `# Optional` `# Default: false` `#` `# debug = true` `# Log level` `#` `# Optional` `# Default: "ERROR"` `#` `# logLevel = "DEBUG"` `# Entrypoints to be used by frontends that do not specify any entrypoint.` `# Each frontend can specify its own entrypoints.` `#` `# Optional` `# Default: ["http"]` `#` `defaultEntryPoints = ["http", "https"]` `################################################################` `# Entrypoints configuration` `################################################################` `# Entrypoints definition` `#` `# Optional` `# Default:` `[entryPoints]` `[entryPoints.http]` `address = ":80"` `[entryPoints.http.redirect]` `entryPoint = "https"` `[entryPoints.https]` `address = ":443"` `[entryPoints.https.tls]` `[entryPoints.webadmin]` `address = ":8090"` `[entryPoints.traefik] # The entrypoint which fix the problem, but I don't know what is its purpose` `address = ":8100"` `# Let's encrypt` `[acme]` `email = "info@ewus.de"` `storage = "acme.json"` `entryPoint = "https"` `acmeLogging = true` `OnHostRule = true` `[[acme.domains]]` `main = "gitlab.ewus.de"` `[[acme.domains]]` `main = "app1.ewus.de"` `[acme.httpChallenge]` `entryPoint = "http"` `[File]` `[frontends]` `[frontends.gitlab]` `backend = "gitlab"` `[frontends.gitlab.routes.test_1]` `rule = "Host: gitlab.ewus.de"` `[frontends.app1]` `backend = "app1"` `[frontends.app1.routes.test_1]` `rule = "Host: app1.ewus.de"` `[backends]` `[backends.gitlab]` `[backends.gitlab.servers.server1]` `url = "http://127.0.0.1:8086/"` `weight = 1` `[backends.app1]` `[backends.app1.servers.server1]` `url = "http://127.0.0.1:8089/"` `weight = 1`