launchpad
launchpad copied to clipboard
Published
20 hours ago •
techno-tim
techno-tim
Traefik Config update Proposal
Recently worked on a way to optimize the Traefik Config/Labels to reduce the amount of per container config that I thought might be a good idea:
traefik.yml would look like (entrypoints):
entryPoints:
http:
address: ":80"
http:
redirections:
entryPoint:
to: https
https:
http:
middlewares:
- default-headers@file
address: ":443"
forwardedHeaders:
insecure: true
This allows the default-headers to be truly default and will apply globally. Also allows http traffic to be routed to https by default on the entry, removing the need for it to be defined on a per container basis.
A compose label section would go from:
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.entrypoints=http"
- "traefik.http.routers.web.rule=Host(`sub.domain.tld`)"
- "traefik.http.middlewares.web-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.web.middlewares=web-https-redirect"
- "traefik.http.routers.web-secure.entrypoints=https"
- "traefik.http.routers.web-secure.rule=Host(`sub.domain.tld`)"
- "traefik.http.routers.web-secure.tls=true"
- "traefik.http.routers.web-secure.service=web"
- "traefik.http.services.web.loadbalancer.server.port=3000"
- "traefik.docker.network=proxy"
- "traefik.http.routers.web.middlewares=sslheader@docker"
- "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
to:
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.entrypoints=https"
- "traefik.http.routers.web.rule=Host(`sub.domain.tld`)"
- "traefik.http.routers.web.tls=true"
- "traefik.http.routers.web.service=web"
- "traefik.http.services.web.loadbalancer.server.port=3000"
- "traefik.docker.network=proxy"
It will also allow for a clear way to demonstrate how to apply middlewares to an entryPoint for ones that you want to have apply to all services, which took me a bit longer then i care to admit to figure out on my own.
