eCommons/traefik
0
0
Fork 0
forked from coop-cloud/traefik
Code Pull Requests Activity
Files
master
traefik/README.md
moosemower d164d2870e Add support for porkbun (#91) 
* [x] I have deployed and tested my changes
LetsEncrypt challenges pass successfully, wildcard cert retrieved
* [x] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash)
No relevant versions to update
* [x] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes)
Only added new env vars
* [ ] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes)
The guide does not say how to do this

This is my first coopcloud PR, lmk if there is something glaring :)

Co-authored-by: Patrick Melanson <patrick.j.melanson@gmail.com>
Reviewed-on: coop-cloud/traefik#91
Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech>
Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech>
Co-authored-by: moosemower <moose@resisttechmonopolies.online>
Co-committed-by: moosemower <moose@resisttechmonopolies.online>
2026-02-17 08:56:08 +00:00

79 lines
3.4 KiB
Markdown
Raw Permalink Blame History

# Traefik
[![Build Status](https://build.coopcloud.tech/api/badges/coop-cloud/traefik/status.svg)](https://build.coopcloud.tech/coop-cloud/traefik)
> https://docs.traefik.io
<!-- metadata -->
* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1), [@decentral1se](https://git.coopcloud.tech/decentral1se), [@javielico](https://git.coopcloud.tech/javielico)
* **Status**: `stable`
* **Category**: Utilities
* **Features**: ?
* **Image**: [`traefik`](https://hub.docker.com/_/traefik), 4, upstream
* **Healthcheck**: Yes
* **Backups**: No
* **Email**: N/A
* **Tests**: 2
* **SSO**: ? (Keycloak)
<!-- endmetadata -->
## Basic usage
1. Set up Docker Swarm and [`abra`]
2. `abra app new traefik`
3. `abra app config YOURAPPDOMAIN` - be sure to change `DOMAIN` to something that resolves to
your Docker swarm box
4. `abra app deploy YOURAPPDOMAIN`
## Configuring basic auth
1. Create the usersfile locally: `htpasswd -c usersfile <username>`
2. Uncomment the Basic Auth section in your .env file
3. Insert the secret: `abra app secret insert <domain> usersfile v1 -f usersfile
4. Redploy your app: `abra app deploy -f <domain>`
## Configuring wildcard SSL using DNS
Automatic certificate generation will Just Work™ for most recipes which use a fixed
number of subdomains. For some recipes which need to work across arbitrary
subdomains, like
[`federatedwiki`](https://git.coopcloud.tech/coop-cloud/federatedwiki/) and
[`go-ssb-room`](https://git.coopcloud.tech/coop-cloud/federatedwiki/), you'll
need to give Traefik access to your DNS provider so that it can carry out
Letsencrypt DNS challenges.
1. Use Gandi, OVH, DO, Azure, or PorkBun for DNS 🤡 (support for other providers
can be easily added, see
[the `lego` docs](https://go-acme.github.io/lego/dns/#dns-providers).
2. Run `abra app config YOURAPPDOMAIN`
3. Uncomment e.g. `ENABLE_GANDI` and the related `SECRET_.._VERSION` line, e.g.
`SECRET_GANDIV5_API_KEY_VERSION`
4. Set `LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER` to your provider, e.g. `gandi`
4. Generate an API key for your provider, probably using their web interface.
5. Run `abra app secret insert YOURAPPDOMAIN SECRETNAME v1 SECRETVALUE`, where
`SECRETNAME` is from the compose file (e.g. `compose.gandi-api-key.yml`) e.g.
`gandiv5_api_key` and `SECRETVALUE` is the API key.
- For Gandi, you can use either the deprecated API Key or a GandiV5 Personal
Access Token, in which case use compose.gandi-personal-access-token.yml.
- See comments for each provider in your env file for specific instructions
6. Redeploy Traefik, using e.g. `abra app deploy YOURAPPDOMAIN -f`
## Blocking scrapers with [Anubis](https://anubis.techaro.lol/)
Uncomment the lines on the Anubis section of the configuration. Set
a domain name for the cookies and a domain that will serve Anubis
redirection service. Optionally and for [added
security](https://anubis.techaro.lol/docs/admin/configuration/redirect-domains),
set a list of the domain names for the apps that are going to be
protected.
After deploying these changes, go to each recipe that supports Anubis
and follow the process there. **Enabling Anubis here is not enough for
protection your apps.**
## Enabling onion service
Uncomment the line in the config setting `ONION_ENABLED=1`. This will create a new entrypoint on port 9052 which can be used to bypass forced SSL. For more details, see the [onion recipe](https://recipes.coopcloud.tech/onion).
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
View Git Blame Copy Permalink