This project describe the setup process for traefik (dockerized) and nginx (service on host) as reverse proxy.
There are some open questions:
- Can traefik assign each http router a separate ipv6 address?
- Test traefik setup - I wrote it from what I remembered last time doing it...
- Think about splitting the three traefik container definition into separate files (to avoid duplicate configuration fragments).
- Cloudflare API Token variable
- Keycloak: Admin Webinterface Protection for Traefik as Reverse Proxy:
I found this on an old server - please test this before putting it into admin guide...
labels:
# ...
- "traefik.http.routers.r_keycloak.rule=Host(`id.domain.de`)" # <- edit (user interface)
- "traefik.http.routers.r_keycloak.tls=true"
- "traefik.http.routers.r_keycloak.entrypoints=websecure"
- "traefik.http.middlewares.mw_keycloak-host-rewrite.headers.customrequestheaders.Host=id.domain.de" # <- edit
- "traefik.http.middlewares.mw_keycloak-host-rewrite2.headers.customrequestheaders.X-Forwarded-Host=id.domain.de" # <- edit
- "traefik.http.middlewares.mw_keycloak-redirect.replacepathregex.regex=^\/auth\/$$"
- "traefik.http.middlewares.mw_keycloak-redirect.replacepathregex.replacement=/auth/realms/main/account/" # <- edit
- "traefik.http.middlewares.mw_keycloak-block-admin.replacepathregex.regex=^\/auth\/admin\/$$"
- "traefik.http.middlewares.mw_keycloak-block-admin.replacepathregex.replacement=/auth/realms/master/account/" # <- edit
- "traefik.http.routers.r_keycloak.middlewares=mw_keycloak-redirect@docker,mw_keycloak-block-admin@docker,mw_keycloak-host-rewrite@docker,mw_keycloak-host-rewrite2@docker"
- "traefik.http.routers.r_keycloak-admin.rule=Host(`keycloak.domain.de`)" # <- edit (admin interface)
- "traefik.http.routers.r_keycloak-admin.tls=true"
- "traefik.http.routers.r_keycloak-admin.entrypoints=websecure"
- "traefik.http.middlewares.mw_keycloak-admin-redirect.redirectregex.regex=^https:\/\/keycloak.domain.de\/?$$" # <- edit
- "traefik.http.middlewares.mw_keycloak-admin-redirect.redirectregex.replacement=https://keycloak.domain.de/auth/admin/" # <- edit
- "traefik.http.routers.r_keycloak-admin.middlewares=mw_keycloak-admin-redirect@docker"
This project describe the setup process for traefik (dockerized) and nginx (service on host) as reverse proxy.
There are some open questions:
I found this on an old server - please test this before putting it into admin guide...