Multi HTTPS sub domain with Traefik and Docker - Part 2
In this (small) second part, we’ll set up Traefik Web UI on its own sub domain with a basic HTTP authentication.
traefik.toml we add the following just before the
[web] # Port for the status page address = ":8080"
We also need to map the port 8080 in the
docker-compose.yml so you have to add this line in the ports section:
Now we can access Traefik Web UI at
yourdomain.com:8080. It will look like this:
Let’s add a sub domain
Now we need to modify the
docker-compose.yml in order to redirect to a sub domain. The only thing we are going to add is the Docker labels:
Moreover, we don’t need to map the port 8080 since we will not access the dashboard through this port.
So our file will look like this:
version: '2' services: traefik: image: traefik command: --web --docker ports: - "80:80" - "443:443" restart: always labels: - "traefik.enabled=true" - "traefik.backend=dashboard" - "traefik.frontend.rule=Host:dashboard.yourdomain.com" - "traefik.port=8080" volumes: - "/var/run/docker.sock:/var/run/docker.sock" - "./traefik.toml:/traefik.toml" - "./acme.json:/acme.json" networks: - default
Now you can access your dashboard through the desired URL!
A basic HTTP authentication
If you need to protect your application with a user/password authentication, Traefik can do it for you. Again it’s configurable via the Docker labels of the service:
You can get the hash with the htpasswd command like this
$ htpasswd -nB user New password: Re-type new password: user:$2y$05$NiscFUPxmLub5vW1gL6cF.4R1ElHKeMgBQKNPIY.1V.CW802nXhwG
When you add the hash in the
docker-compose.yml you must escape the
$ character with another
$. In this case we will have :
traefik.frontend.auth.basic=user:$$2y$$05$$NiscFUPxmLub5vW1gL6cF.4R1ElHKeMgBQKNPIY.1V.CW802nXhwG. Your application will then be protected by a user/password authentication.
You can now easily access your public and private Docker applications through different sub domains.