Practical Configuration of Traefik as a Reverse Proxy For Docker - Updated for 2023

An updated guide to configuring Traefik with Docker, with explanations of why to do each step as well as how.

2023-07-19 · 20 min · Adam

Really Simple Network Bridging With qemu

Intro I’ve not really used qemu much before but I found myself needing it last week for a particular project and discovered - to my shock and amazement - that the documentation (official and 3rd party) surrounding it is almost universally terrible. A mixture of overly-complex, out of date, incredibly niche, and just straight up poorly-written. I’ll be honest, I wasn’t after much, I had a single qemu VM and I wanted it to be routable on my LAN....

2022-09-04 · 3 min · Adam

Changing Docker Daemon Options For Fun and Profit

Introduction Did you know there are all kinds of interesting options that Docker supports but doesn’t necessarily expose, or document, very well? Most of them are very simple to configure and can have substantial benefits so it’s well worth investigating. Daemons All of these options are configured via the Docker daemon. You can pass arguments to dockerd via the systemd service file or, preferably, use a config file, which defaults to /etc/docker/daemon....

2022-03-31 · 3 min · Adam

Integrating CrowdSec with Traefik & Discord

Update To The Update The issue with upstream proxies and the Traefik bouncer has been resolved by the maintainer. I’ll leave my fork up in case I get some more free time to work on it. I got impatient waiting for the bug with the Traefik bouncer to get fixed so I forked it and fixed it myself, as well as added a couple of extra features. I’m a Go n00b so don’t expect rapid development but it works properly with Cloudflare et al....

2022-01-11 · 9 min · Adam

Connecting to NFS Shares From Windows (Properly)

Introduction If you live in the Windows world you probably haven’t had much cause to use NFS because SMB is the done thing, but if you’re working with Linux hosts or NAS devices NFS can be simpler to deal with. The problem is that Windows NFS support is a bit…wonky and it doesn’t help that almost all the guides on t’internet are giving out bad advice. So to continue my series of “I just figured this out so it seems only fair to share” posts, here’s how to setup the NFS client on Windows properly....

2021-02-11 · 3 min · Adam

ZeroSSL As A LetsEncrypt Alternative Using Traefik

Introduction LetsEncrypt is a fantastic service and it has quite literally revolutionised how people use TLS certificates, but having a Single Point Of Failure for these things is always a bad idea. The good news is that other providers of free certificates are starting to emerge and one of the first is ZeroSSL. Unlike LetsEncrypt they don’t rate limit, but they do require the use of External Account Binding (EAB) which means it’s not quite a drop in replacement in your config....

2020-12-20 · 2 min · Adam

Wireguard as a VPN client in Docker using PIA

Update Since posting this the scripts have changed slightly so the line numbers are no longer correct, that said the functional elements are still the same so it shouldn’t be too hard to figure out where to make the changes. Also is now and so you’ll need to run the two of them in your init script ( first). Introduction Compared to a lot of VPN providers PIA have been pretty slow off the mark in supporting DIY Wireguard connections; they’ve had Wireguard support in their client for a while but that doesn’t help if you want to use something like the linuxserver/wireguard container as your client....

2020-09-26 · 9 min · Adam

Monitoring For Docker Image Updates With Diun

One of the most common questions around Docker is “how do I know when I new version of an image gets published?”. Even if you’re tied to a specific version tag, security and bug fixes can still result in new images being pushed and there’s no built-in mechanism to notify you that it’s happened.

2020-09-17 · 5 min · Adam

Configure Authelia To Work With Traefik

Introduction Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It’s ideal if you want to make your self-hosted services accessible from the internet without letting every man and their dog nose through your stuff. If you haven’t got Traefik up and running yet, my guide to setting it up as a reverse proxy for Docker will help you out....

2020-09-15 · 8 min · Adam

Practical Configuration of Traefik As A Reverse Proxy For Docker

Traefik is a reverse proxy and load balancer which automatically discovers the right configuration for your docker containers based on labels you set when you create them.

2020-09-15 · 16 min · Adam