{"id":21660820,"url":"https://github.com/mohammadll/lets-learn-traefik","last_synced_at":"2026-01-03T09:00:18.565Z","repository":{"id":206695589,"uuid":"716732263","full_name":"mohammadll/lets-learn-traefik","owner":"mohammadll","description":"We're here to learn traefik together. ","archived":false,"fork":false,"pushed_at":"2023-11-26T16:49:16.000Z","size":67,"stargazers_count":5,"open_issues_count":0,"forks_count":7,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-25T07:11:15.398Z","etag":null,"topics":["docker-provider","kubernetes-ingressroute-provider"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mohammadll.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-09T18:53:30.000Z","updated_at":"2023-11-16T10:14:01.000Z","dependencies_parsed_at":"2023-11-26T17:44:25.310Z","dependency_job_id":null,"html_url":"https://github.com/mohammadll/lets-learn-traefik","commit_stats":null,"previous_names":["mohammadll/lets-learn-traefik"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammadll%2Flets-learn-traefik","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammadll%2Flets-learn-traefik/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammadll%2Flets-learn-traefik/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammadll%2Flets-learn-traefik/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mohammadll","download_url":"https://codeload.github.com/mohammadll/lets-learn-traefik/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244556691,"owners_count":20471672,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker-provider","kubernetes-ingressroute-provider"],"created_at":"2024-11-25T09:38:58.912Z","updated_at":"2026-01-03T09:00:13.487Z","avatar_url":"https://github.com/mohammadll.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# lets-learn-traefik\n\n## We're here to learn traefik together\n![Traefik Image](traefik-logo.jpg)\n\n\n## Docker Provider\n - **01-Basic**: We're going to make `hashicorp/vault` accessible through traefik. the first example is very simple, you can connect to the address \"vault.isc\" using the `HTTP` protocol :white_check_mark:\n - **02-HTTPS**: We'r going to use `\"websecure\"` entrypoint instead of \"web\" entrypoint to connect to \"valut.isc\" using `HTTPS` protocol . You have 3 different options to use tls in traefik . the first one is traefik `default certifacte`, the second one is using your `own certificate` and the last one is using `let's encrypt`. if you prefer to use let's encrypt, your provider must be supported by traefik, you can find the list of available providers here: https://doc.traefik.io/traefik/https/acme/ ✅\n - **03-RedirectScheme-middleware**: The `RedirectScheme middleware` redirects the request if the request scheme is different from the configured scheme. We're going to `redirect` http requests to https using RedirectScheme middleware. https://doc.traefik.io/traefik/middlewares/http/redirectscheme/ ✅\n - **04-BasicAuth-middleware**: The BasicAuth middleware `grants access` to services to authorized users only, because of that , We're going to create 2 different users. To create `user:password` pair, it's possible to use this command: `echo $(htpasswd -nB user) | sed -e s/\\\\$/\\\\$\\\\$/g` . you can use `htpasswd` if `apache/httpd` package is installed. https://doc.traefik.io/traefik/middlewares/http/basicauth/ ✅\n - **05-Errors-middleware**: It has never been easier to say that something went wrong. The Errors middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. In this example we're going to use a new service in our docker-compose called `\"error\"` . this new service is responsible to build `Bunch of custom error pages` for Traefik. you can follow their project here: https://github.com/guillaumebriday/traefik-custom-error-pages . so if i receive an error code (ex: 404) for my hashicorp/vault service , one of error pages of \"error\" service will be appeared based on status code. https://doc.traefik.io/traefik/middlewares/http/errorpages/ ✅\n - **06-Traefik-secure**: We have been connecting to traefik dashboard in an insecure manner so far . we're going to connect to traefik dashboard using `https` protocol . because of that we need to follow some steps . first of all modify traefik.yml and replace `\"insecure:true\"` with `\"insecure:false\"` and then create a router for traefik service to enable `tls` using `labels` in docker-compose ✅\n\n## Kubernetes IngressRoute Provider\n  - **07-Setup**: We're going to use traefik helm chart to install it. as i saild earlier, we have some different options to use tls in traefik . i'm using my `own certificate` for the examples of this repository. so i need to override some values of traefik helm chart. if you want to do the same, follow the steps in `note.txt` ✅\n  - **08-Basic**: `IngressRoute` is the `CRD` implementation of a Traefik HTTP router. we're going to use this CRD to connect to \"vault.isc\" using `HTTP` protocol. you can also use kubernetes ingress provider insted of ingressRoute , but i prefer to use ingressRoute, because i don't need to use lots of annotations. it will be difficult to manage all those annotations. ✅\n  - **09-HTTPS**: We'r going to use `\"websecure\"` entrypoint instead of \"web\" entrypoint to connect to \"valut.isc\" using `HTTPS` protocol ✅\n  - **10-RedirectScheme-middleware**: Middleware is the `CRD` implementation of a Traefik middleware. first of all We need to create `\"RedirectScheme-middleware\"` using Middleware CRD, then create `ingressRoute` using its CRD and refer to RedirectScheme-middleware by its name in the manifest of ingressRoute ✅\n  - **11-BasicAuth-middleware**: `Middleware` is the CRD implementation of a Traefik middleware. follow thses steps to use basicAuth : 1- We need to create a `kubernetes secret` that contains the list of `authorized users` (you can generate use:password using this command: `htpasswd -nb user password | base64)`. 2- create `\"basicAuth-middleware\"` using Middleware `CRD` and refer to the name of users secret in the manifest of middleware. 3- Create the `ingressRoute` using its CRD and refer to basicAuth-middleware by its name in the manifest of ingressRoute ✅\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmohammadll%2Flets-learn-traefik","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmohammadll%2Flets-learn-traefik","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmohammadll%2Flets-learn-traefik/lists"}