Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Traefik Config update Proposal #33

Open
aevans1987 opened this issue Jan 25, 2023 · 0 comments
Open

Traefik Config update Proposal #33

aevans1987 opened this issue Jan 25, 2023 · 0 comments

Comments

@aevans1987
Copy link

Recently worked on a way to optimize the Traefik Config/Labels to reduce the amount of per container config that I thought might be a good idea:

traefik.yml would look like (entrypoints):

entryPoints:
  http:
    address: ":80"
    http:
     redirections:
      entryPoint:
        to: https
  https:
    http:
      middlewares:
        - default-headers@file
    address: ":443"
    forwardedHeaders:
     insecure: true

This allows the default-headers to be truly default and will apply globally. Also allows http traffic to be routed to https by default on the entry, removing the need for it to be defined on a per container basis.

A compose label section would go from:

    labels: 
      - "traefik.enable=true"
      - "traefik.http.routers.web.entrypoints=http"
      - "traefik.http.routers.web.rule=Host(`sub.domain.tld`)"
      - "traefik.http.middlewares.web-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.web.middlewares=web-https-redirect"
      - "traefik.http.routers.web-secure.entrypoints=https"
      - "traefik.http.routers.web-secure.rule=Host(`sub.domain.tld`)"
      - "traefik.http.routers.web-secure.tls=true"
      - "traefik.http.routers.web-secure.service=web"
      - "traefik.http.services.web.loadbalancer.server.port=3000"
      - "traefik.docker.network=proxy"
      - "traefik.http.routers.web.middlewares=sslheader@docker"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"

to:

    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.web.entrypoints=https"
      - "traefik.http.routers.web.rule=Host(`sub.domain.tld`)"
      - "traefik.http.routers.web.tls=true"
      - "traefik.http.routers.web.service=web"
      - "traefik.http.services.web.loadbalancer.server.port=3000"
      - "traefik.docker.network=proxy"

It will also allow for a clear way to demonstrate how to apply middlewares to an entryPoint for ones that you want to have apply to all services, which took me a bit longer then i care to admit to figure out on my own.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@aevans1987