{"id":20783204,"url":"https://github.com/asapdotid/dcc-checkmk-traefik","last_synced_at":"2025-08-02T01:14:01.412Z","repository":{"id":261757251,"uuid":"885168603","full_name":"asapdotid/dcc-checkmk-traefik","owner":"asapdotid","description":"Docker Compose Checkmk - Traefik","archived":false,"fork":false,"pushed_at":"2024-11-12T09:49:26.000Z","size":79,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-11T22:46:38.975Z","etag":null,"topics":["checkmk","checkmk-agent","checkmk-deployment","monitoring"],"latest_commit_sha":null,"homepage":"","language":"Makefile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/asapdotid.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-08T04:46:37.000Z","updated_at":"2024-11-12T09:49:29.000Z","dependencies_parsed_at":"2024-11-08T09:31:42.135Z","dependency_job_id":"e6173fd5-27ee-4432-a694-d986c9fadf1a","html_url":"https://github.com/asapdotid/dcc-checkmk-traefik","commit_stats":null,"previous_names":["asapdotid/dcc-checkmk-traefik"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/asapdotid/dcc-checkmk-traefik","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fdcc-checkmk-traefik","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fdcc-checkmk-traefik/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fdcc-checkmk-traefik/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fdcc-checkmk-traefik/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/asapdotid","download_url":"https://codeload.github.com/asapdotid/dcc-checkmk-traefik/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asapdotid%2Fdcc-checkmk-traefik/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":268322483,"owners_count":24231827,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-01T02:00:08.611Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["checkmk","checkmk-agent","checkmk-deployment","monitoring"],"created_at":"2024-11-17T14:17:46.861Z","updated_at":"2025-08-02T01:14:01.370Z","avatar_url":"https://github.com/asapdotid.png","language":"Makefile","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n    \u003cimg src=\"docs/assets/img/traefik-checkmk.png\" width=\"600\" /\u003e\n\u003c/p\u003e\n\n# Docker Compose CheckMk - Traefik\n\n\u003e Proxy Container Service (Cloudflare)\n\nThis guide shows you how to deploy `CheckMK` behind `Traefik` reverse-proxy. It will obtain and refresh `HTTPS` \u0026 `CHECK AGENT` certificates automatically and it comes with password-protected Traefik dashboard.\n\n## Docker container\n\n### Main container and version\n\n-   CheckMk Raw: 2.3.0-latest\n-   Docker Socket Proxy: 1.26.2/latest\n-   Traefik: 2.11.x or 3.1.x\n-   Logger Alpine Linux: 3.19 or 3.20\n\n### Docker service documentation\n\n-   CheckMk [Document](https://checkmk.com/)\n-   Docker Socket Proxy (security) - `Linuxserver.io` [Document](https://hub.docker.com/r/linuxserver/socket-proxy)\n-   Traefik [Document](https://hub.docker.com/_/traefik)\n-   Logger (logrotate \u0026 cron) `Custom for Alpine`\n\n### Step 1: Make Sure You Have Required Dependencies\n\n-   Git\n-   Docker\n-   Docker Compose\n\n#### Example Installation on Debian-based Systems:\n\nOfficial documentation for install Docker with new Docker Compose V2 [doc](https://docs.docker.com/engine/install/), and you can install too Docker Compose V1. Follow official documentation.\n\n```bash\nsudo apt get install git docker-ce docker-ce-cli containerd.io docker-compose-plugin\n```\n\n### Step 2: Clone the Repository\n\n```bash\ngit clone https://github.com/asapdotid/dcc-checkmk-traefik.git\ncd dcc-checkmk-traefik\n```\n\nMake command help:\n\n```bash\nmake help\n```\n\n### Step 3: Make Initial Environment Variables\n\n```bash\nmake init\n```\n\nModified file in `.make/.env` for build image\n\n```ini\n...\n# Project variables\nDOCKER_REGISTRY=docker.io\nDOCKER_NAMESPACE=asapdotid\nDOCKER_PROJECT_NAME=monitoring\n\n# Docker image version\nSOCKET_PROXY_VERSION=1.26.2\nTRAEFIK_VERSION=3.1\nALPINE_VERSION=3.20\nCHECKMK_VERSION=2.3.0-latest\n\n# Timezone for os and log level\nTIMEZONE=Asia/Jakarta\n```\n\n### Step 3: Make Docker Compose Initial Environment Variables\n\n```bash\nmake env\n```\n\nModified file in `src/.env` for build image\n\n#### Checkmk environments\n\n```bash\n...\n\n## CHECKMK\nCHECKMK_USER_ID=1000\nCHECKMK_GROUP_ID=1000\nCHECKMK_SITE_ID=cmk\nCHECKMK_ADMIN_PASSWORD=JYg0ZDYu23451\nCHECKMK_DOMAIN_NAME=cmk.domain_name.com\n```\n\nCheckmk login using exiting config, you should change `site id`, `cmkadmin password` and `domain/subdomain`\n\n```ini\nusername: cmkadmin\npassword: JYg0ZDYu23451\n```\n\n#### Traefik environments\n\nThe password is `adminpass` and you might want to change it before deploying to production.\n\n##### Deploying on a Public Server With Real Domain\n\nTraefik requires you to define \"Certificate Resolvers\" in the static configuration, which are responsible for retrieving certificates from an ACME server.\n\nThen, each \"router\" is configured to enable TLS, and is associated to a certificate resolver through the tls.certresolver configuration option.\n\nRead [Traefik Let's Encrypt](https://doc.traefik.io/traefik/https/acme/)\n\nHere is a list of supported providers, on this project:\n\n-   Cloudflare\n\nLet's say you have a domain `example.com` and it's DNS records point to your production server. Just repeat the local deployment steps, but don't forget to update `TRAEFIK_DOMAIN_NAME`, `TRAEFIK_ACME_DNS_CHALLENGE_PROVIDER_EMAIL` \u0026 `TRAEFIK_ACME_DNS_CHALLENGE_PROVIDER_TOKEN` environment variables. In case of `example.com`, your `src/.env` file should have the following lines:\n\n```ini\nTRAEFIK_DOMAIN_NAME=example.com\nTRAEFIK_ACME_DNS_CHALLENGE_PROVIDER_EMAIL=email@mail.com\nTRAEFIK_ACME_DNS_CHALLENGE_PROVIDER_TOKEN=coudflare-access-token-123ABC\n```\n\nSetting correct email is important because it allows Let’s Encrypt to contact you in case there are any present and future issues with your certificates.\n\n## Redirect `WWW` to `NON WWW`\n\nExample labels redirect www to npn www:\n\n```yaml\nlabels:\n    - traefik.enable=true\n    - traefik.http.routers.whoami.entrypoints=https\n    - traefik.http.routers.whoami.rule=Host(`jogjascript.com`)||Host(`www.jogjascript.com`)\n    # Add redirect middlewares for http and https\n    - traefik.http.routers.whoami.middlewares=redirect-http-www@file,redirect-https-www@file\n```\n\n### Step 4: Set Your Own Password\n\nNote: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.\n\n\u003e Install `Apache Tools` package to using `htpasswd`\n\u003e To create a `user`:`password` pair, the following command can be used:\n\n```bash\necho $(htpasswd -nb user)\n\n# OR\n\necho $(htpasswd -nb user password)\n```\n\nRunning script:\n\n```bash\necho $(htpasswd -nb admin)\n\nNew password:\nRe-type new password:\n\nadmin:$apr1$W3jHMbEG$TCzyOICAWv/6kkraCHKYC0\n```\n\nor\n\n```bash\necho $(htpasswd -nb admin adminpass)\n\nadmin:$apr1$W3jHMbEG$TCzyOICAWv/6kkraCHKYC0\n```\n\nThe output has the following format: `username`:`password_hash`. The username doesn't have to be `admin`, feel free to change it (in the first line).\n\nEncode password hash with `base64`:\n\n```bash\necho '$apr1$W3jHMbEG$TCzyOICAWv/6kkraCHKYC0' | openssl enc -e -base64\nJGFwcjEkVzNqSE1iRUckVEN6eU9JQ0FXdi82a2tyYUNIS1lDMAo=\n```\n\nCheck decode:\n\n```bash\necho 'JGFwcjEkVzNqSE1iRUckVEN6eU9JQ0FXdi82a2tyYUNIS1lDMAo=' | openssl enc -d -base64\n```\n\nYou can paste the username into the `TRAEFIK_BASIC_AUTH_USERNAME` environment variable. The other part, `hashedPassword`, should be assigned to `TRAEFIK_BASIC_AUTH_PASSWORD_HASH`. Now you have your own `username`:`password` pair.\n\n### Step 5: Launch Your Deployment\n\nOptional create docker network `secure` \u0026 `proxy` for external used with other docker containers:\n\n```bash\ndocker network create secure\n```\n\nand\n\n```bash\ndocker network create proxy\n```\n\n```bash\nmake env\n\nmake build\n```\n\nDocker composer make commands:\n\n```bash\nmake up\n# or\nmake down\n```\n\n### Step 6: Pointing CLoudflare DNS Record to your IP Server/VM\n\n```bash\ncurl -I https://{domain_name.com}/\n```\n\n#### Checkmk access\n\n-   Checkmk Dashboard: `https://cmk.{domain_name.com}/`\n-   Checkmk Agent (9443 =\u003e 8000): `https://cmk.{domain_name.com:9443}/`\n\n#### Traefik access\n\n-   Traefik Dashboard: `https://monitor.{domain_name.com}/`\n\n## License\n\nMIT / BSD\n\n## Author Information\n\n©️2024 by [Asapdotid](https://github.com/asapdotid) 🚀\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasapdotid%2Fdcc-checkmk-traefik","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fasapdotid%2Fdcc-checkmk-traefik","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasapdotid%2Fdcc-checkmk-traefik/lists"}