I have two web applications running on different ports and I want to use traefik to reverse proxy without dockerizing the web applications. Is there a way this can be done? Below is my attempt:
version: '3' services: traefik: image: traefik:alpine labels: - traefik.frontend.rule=Host:traefik.mysite.co.zw - traefik.port=8080 - traefik.enable=true volumes: - /var/run/docker.sock:/var/run/docker.sock - ${PWD}/traefik.toml:/etc/traefik/traefik.toml - ${PWD}/acme.json:/acme.json ports: - 80:80 - 443:443 - 8080:8080 admin-web: ports: - '8300:8300' labels: - traefik.frontend.rule=Host:admin.mysite.co.zw - traefik.port=8300 - traefik.enable=true client-web: ports: - '8400:8400' labels: - traefik.frontend.rule=Host:client.mysite.co.zw - traefik.port=8400 - traefik.enable=true 1 Answer
If they are not docker containers, they do not belong in the docker-compose file. You have to reference them in the a Traefik dynamic config file, as a service and router.
## DYNAMIC CONFIGURATION http: services: srv-client-web: loadBalancer: servers: - url: "" srv-admin-web: loadBalancer: servers: - url: "" routers: rtr-client-web: entryPoints: - websecure rule: "Host(`client.mysite.co.zw`)" service: srv-client-web rtr-admin-web: entryPoints: - websecure rule: "Host(`admin.mysite.co.zw`)" service: srv-admin-web Apart from that:
- do NOT open up port 8080 for the Traefik dashboard on the internet, unless you put authentication middleware in between;
- do use Let's Encrypt certificates and only open up port 443 (it's 2021 after all);
- you need to have a static configuration file too, to put in your entrypoints, a reference to your dynamic config, certificate providers and the lot.