Reverse proxy using Traefik for all your container routing needs.
This configuration will automatically set up TLS for all your containers, and secure the administration interface behind htdigest.
Intended to be used with media-server, but this setup is generic enough for many use cases.
It requires that you own a public domain that you can point at your server's IP.
By default we use the HTTP challenge for LetsEncrypt, however if your server IP is not exposed to the internet (e.g. behind a VPN), you'll need to fallback to the DNS challenge.
- configure .env file:
cp .env.template .envand setDOMAIN_NAMEandACME_EMAILthere - create a
webdocker network (or rename the network in docker-compose.yaml):docker network create web htdigest -c ht.digest traefik $USERNAME # you will be prompted for a new password- put the content of ht.digest into your .env file at HTDIGEST="..."
- configure an A record in your registrar to point
@and*(the name and all its subdomains) to your server's IP - if your server's IP is not routable over the internet (e.g. using a VPN), comment the http challenge settings and uncomment the DNS ones + add the required env variables for your registrar to your .env file. E.g. for Gandi, uncomment the
environmentsection and add the relevant env var in.env - run
docker compose up -d