Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ofadiman/traefik-labs
Notes from udemy course extended with my own code.
https://github.com/ofadiman/traefik-labs
grafana prometheus ssl tls traefik
Last synced: 2 days ago
JSON representation
Notes from udemy course extended with my own code.
- Host: GitHub
- URL: https://github.com/ofadiman/traefik-labs
- Owner: Ofadiman
- Created: 2024-12-19T21:55:05.000Z (6 days ago)
- Default Branch: main
- Last Pushed: 2024-12-21T23:39:55.000Z (4 days ago)
- Last Synced: 2024-12-22T00:25:22.242Z (4 days ago)
- Topics: grafana, prometheus, ssl, tls, traefik
- Language: Go
- Homepage:
- Size: 15.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: readme.md
Awesome Lists containing this project
README
# Traefik Labs
Notes from [udemy course](https://www.udemy.com/course/the-complete-traefik-training-course/) extended with my own code.
## Configuration
At startup, traefik searches for static configuration in a file named `traefik.yml` in `/etc/traefik/`, or `$XDG_CONFIG_HOME/`, or `$HOME/.config/`, or `. (the working directory)`.
## Trusted TLS certificates
The default TLS certificate generated by traefik works, but is not convenient to use, because browsers display `NET::ERR_CERT_AUTHORITY_INVALID` error due to self-signed nature of the certificate. You can work around this error by clicking on the `continue to unsafe ...` link on the page (or typing `thisisunsafe` in chrome), but it is not a good developer experience.
To resolve this issue permanently, you must obtain a TLS certificate signed by a trusted certificate authority. Trusted certificate authority can be installed using [mkcert](https://github.com/FiloSottile/mkcert) tool.
```sh
# Install required linux binaries.
sudo apt install libnss3-tools# Install mkcert itself.
brew install mkcert# Install trusted certificate authority.
mkcert -install
```Restart your browser to reload the trust store.
You can now generate a TLS certificate that will be signed by the generated certificate authority and treated by browsers as a valid TLS certificate.
```sh
mkcert -cert-file tls-certificate.pem -key-file tls-key.pem *.docker.localhost
```More detailed instructions on configuring docker compose and traefik can be found [here](https://www.putzisan.com/articles/https-setup-with-traefik-docker-compose-for-local-dev).