Setup Traefik on a Linux VPS using Docker
This markdown file provides a comprehensive guide for setting up Traefik on a Linux VPS using Docker. It includes instructions for updating the VPS, installing Docker, configuring Traefik, deploying it as a container, and accessing the Traefik dashboard. Additionally, it covers setting up services with Traefik labels and enabling HTTPS with Let's Encrypt.
Prerequisites
- A Linux VPS (Ubuntu/Debian/CentOS) with Docker installed.
- Basic knowledge of command-line operations.
- A domain name (optional but recommended for SSL configuration).
Step 1: Update your VPS
Update your package manager to ensure all software is up-to-date:
sudo apt update && sudo apt upgrade -y
Step 2: Install Docker (if not already installed)
If Docker isn't installed, install it with the following commands:
For Ubuntu/Debian:
sudo apt install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install -y docker-ce
For CentOS:
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo systemctl enable docker
Verify the Docker installation:
docker --version
Step 3: Create a Traefik Configuration
Create a directory for Traefik's configuration:
mkdir -p ~/traefik
cd ~/traefik
Create a traefik.toml or traefik.yml file (YAML or TOML format). This is an example for traefik.yml:
api:
dashboard: true
insecure: true
entryPoints:
web:
address: ":80"
websecure:
address: ":443"
providers:
docker:
exposedByDefault: false
certificatesResolvers:
letsencrypt:
acme:
email: your-email@example.com
storage: acme.json
httpChallenge:
entryPoint: web
Make sure to secure the dashboard by setting up proper authentication or access controls later.
Step 4: Deploy Traefik using Docker
Create a Docker network for Traefik and other containers:
docker network create traefikRun the Traefik container:
docker run -d -p 80:80 -p 443:443 -p 8080:8080 --name traefik --network traefik --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v $PWD/traefik.yml:/etc/traefik/traefik.yml -v $PWD/acme.json:/acme.json traefik:v2.10Make sure
acme.jsonhas the correct permissions:touch acme.json chmod 600 acme.json
Step 5: Access Traefik Dashboard
Open your browser and go to:
http://<your-vps-ip>:8080/dashboard/
If you secured it, enter the credentials or access it from a private network.
Step 6: Setup a Service with Traefik Labels
To expose a service via Traefik, add labels to your Docker containers. Here’s an example with Nginx:
docker run -d --name nginx --network traefik --label "traefik.enable=true" --label "traefik.http.routers.nginx.rule=Host(`your-domain.com`)" --label "traefik.http.routers.nginx.entrypoints=web" --label "traefik.http.routers.nginx.middlewares=https-redirect@file" nginx
Replace your-domain.com with your domain or use IP for testing.
Optional: Enable HTTPS with Let's Encrypt
To enable HTTPS, you can add labels to Docker containers for automatic Let's Encrypt certificate generation:
--label "traefik.http.routers.nginx.tls.certresolver=letsencrypt"
Make sure your DNS points to your VPS IP address.
Traefik Setup Complete!
You now have Traefik set up on your Linux VPS with Docker.