How to install a dynamic reverse proxy on Ubuntu 20.04

linux hetzner cloud virtual server tutorial

In this article we'll install Traefik as dynamic reverse proxy on Linux

It's recommended that you have read the previous steps of this course. You'll find the overview at the end of this blogpost.

Course ingredients:

Install Traefik as dynamic reverse proxy

First create a subdomain monitor.yourDomain.com and point it via DNS entry to your server. You'll need the subdomain for the Traefik dashboard that monitors your services.

sudo apt-get install apache2-utils
## Install apache2-utils package, which includes an htpasswd utility for encrypted passwords

Do you want to continue? [Y/n] y

htpasswd -nb admin secure_password
## Generate encrypted password

Output in Terminal looks like this: admin:$apr1$rcda74Hq$mbjdZMZTG.KWn8vfN/SNK/ 

mkdir /var/traefik
## Create a folder for Traefik
cd /var/traefik
## Navigate into the new Traefik folder
nano traefik.toml 
## Create and edit file traefik.toml
[entryPoints]
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http.redirections.entryPoint]
      to = "websecure"
      scheme = "https"

  [entryPoints.websecure]
    address = ":443"

[api]
  dashboard = true

[certificatesResolvers.lets-encrypt.acme]
  email = "your_email@your_domain"
  storage = "acme.json"
  [certificatesResolvers.lets-encrypt.acme.tlsChallenge]

[providers.docker]
  watch = true
  network = "web"

[providers.file]
  filename = "traefik_dynamic.toml"

nano traefik_dynamic.toml ## Create and edit file traefik_dynamic.toml

[http.middlewares.simpleAuth.basicAuth]
  users = [
    "admin:$apr1$ruca84Hq$mbjdMZBAG.KWn7vfN/SNK/"
  ]

[http.routers.api]
  rule = "Host(`monitor.your_domain`)"
  entrypoints = ["websecure"]
  middlewares = ["simpleAuth"]
  service = "api@internal"
  [http.routers.api.tls]
    certResolver = "lets-encrypt"

docker network create web ## Create a Docker network for Traefik

touch acme.json ## Create new empty file acme.json which Traefik will use for Let's Encrypt information

chmod 600 acme.json ## Grant permissions to the owner of the file only.

Start your Traefik container with the following command:

docker run -d \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v $PWD/traefik.toml:/traefik.toml \
  -v $PWD/traefik_dynamic.toml:/traefik_dynamic.toml \
  -v $PWD/acme.json:/acme.json \
  -p 80:80 \
  -p 443:443 \
  --network web \
  --name traefik \
  --restart always \
  traefik:v2.2

--restart always ## This option will restart the container a reboot of the server.

TROUBLESHOOTING

Stop and disable apache2 or it will block Traefik from working. Attention: If your server needs to be rebooted then apache2 will be restarted if it is not disabled. 

sudo systemctl stop apache2 ## stop the service  
sudo systemctl disable apache2 ## disable the service


Also good to know: 

sudo systemctl start apache2 ## start the service  
sudo systemctl enable apache2 ## enable the service


See you next week for more

Johnnie

Previous Post Next Post

This site uses cookies to store information on your computer. Some of these cookies are essential, while others help us to improve your experience by providing insights into how the site is being used. ×
Necessary Cookies

Necessary cookies enable core functionality such as page navigation and access to secure areas. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.

Analytical Cookies

Analytical cookies help us to improve our website by collecting and reporting information on its usage.

Marketing cookies

We use marketing cookies to help us improve the relevancy of advertising campaigns you receive.

Save