2.1 KiB
Web Service Proxy (Traefik)
A simple, efficient web server that can handle SSL/TLS setup via Let's Encrypt for all of your services. Traefik uses labels on containers for configuration needs and helps with more dynamic setup of services.
Inspiration / Sources
Docker (AND OTHER!) Integration(s)
Traefik supports docker "out of the box" as well as a number of other similar setups (Docker swarm, k8s). This should help with remixes for users with clusters of small arm boards.
Adjust firewall to allow web services on internal network(s)
firewall-cmd --permanent --zone=internal --add-service http --add-service https
firewall-cmd --permanent --zone=trusted --add-service http --add-service https
firewall-cmd --reload
Adjust firewall to allow web services on external network(s)
You can skip this if you won't be using web services from the internet.
firewall-cmd --permanent --zone=public --add-service http --add-service https
firewall-cmd --reload
Install / Update / Run Script
Setup a generic script that'll auto update Traefik and launch it. You should only run this script at first launch and/or when you're looking for updates.
mkdir -p /var/traefik/acme
touch /var/traefik/acme/acme.json
chmod 600 /var/traefik/acme/acme.json
wget -O traefik.sh https://git.lollipopcloud.solutions/lollipop-docker/traefik/raw/branch/master/run.sh
chmod a+x /root/traefik.sh
Run Traefik
Simply execute /root/traefik.sh to update/run.
Configuration (Optional)
See https://docs.traefik.io/ for additional details. You shouldn't need any additional configuration. Most of traefik is configured via the command line using the above approach.
Traefik is very powerful and flexible though. If you're looking for more advanced options the documentation is a great start. Be warned: it's very technical and dense.