# Web Service Proxy (Traefik) A simple, efficient web server that can handle SSL/TLS setup via Let's Encrypt for all of your services. Traefik uses labels on containers for configuration needs and helps with more dynamic setup of services. ## Inspiration / Sources - [https://docs.traefik.io/](https://docs.traefik.io/) - [https://github.com/containous/traefik](https://github.com/containous/traefik) ## Docker (AND OTHER!) Integration(s) Traefik supports docker "out of the box" as well as a number of other similar setups (Docker swarm, k8s). This should help with remixes for users with clusters of small arm boards. ## Adjust firewall to allow web services on internal network(s) ``` bash firewall-cmd --permanent --zone=internal --add-service http --add-service https firewall-cmd --permanent --zone=trusted --add-service http --add-service https firewall-cmd --reload ``` ## Adjust firewall to allow web services on external network(s) You can skip this if you won't be using web services from the internet. ``` bash firewall-cmd --permanent --zone=public --add-service http --add-service https firewall-cmd --reload ``` ## Install / Update / Run Script Setup a generic script that'll auto update Traefik and launch it. You should only run this script at first launch and/or when you're looking for updates. ``` bash mkdir -p /var/traefik/acme touch /var/traefik/acme/acme.json chmod 600 /var/traefik/acme/acme.json wget -O traefik.sh https://git.lollipopcloud.solutions/lollipop-docker/traefik/raw/branch/master/run.sh chmod a+x /root/traefik.sh ``` ## Run Traefik Simply execute ```/root/traefik.sh``` to update/run. ## Configuration (Optional) See [https://docs.traefik.io/](https://docs.traefik.io/) for additional details. You shouldn't need any additional configuration. Most of traefik is configured via the command line using the above approach. Traefik is *very* powerful and flexible though. If you're looking for more advanced options the documentation is a great start. Be warned: it's very technical and dense.