Hey, here is my traefik tutorial, so that you know what I am talking about. th-cam.com/video/QC3weuCUr8o/w-d-xo.html Let me know if you have any questions 🙂
Great video! Unfortunately you kind of made a less secure. By using the ports directive in the compose you expose the (well known Docker-)Port on your whole machine. You also enable any container to access information about your docker environment. To circumvent all of that, I would fiestly remove the ports section on the proxy and secondly create a second network that's only used for the proxy and treafik. Keep in mind that traefik needs access to the default anf the socket proxy network, though;)
Hey, thanks for the hint! You are totally right in this case. I did not think of the networking and port mappings as everything was only on my local machine. (I don't have a dedicated QA ... 😂) But great spot! Have a look at the pull request I made to the tutorial files! github.com/marcogreiveldinger/videos/pull/4 I guess that's the better version right :-)
I would like to congratulate you on your excellent work, I really like your videos. I would like to ask if possible if you could record a video explaining how to run nginx-proxy-manager together with traefik inside portainer, honestly this is an extreme headache for me and I really need to learn, I believe this is the question of several followers. Thanks in advance.
Hey Marco thank you for the hint. I am trying to combine it with your traefik + crowdsec tutorial which run into error crowdsec | time="2024-02-07T22:08:42+01:00" level=error msg="UnmarshalJSON : invalid character 'i' in literal true (expecting 'r')" line="time=\"2024-02-07T22:08:42+01:00\" level=error msg=\"Failed to retrieve information of the docker client and server host: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?\" providerName=docker" In the docker-compose.yml of th-cam.com/video/Z23BJrRMUM4/w-d-xo.html are labels available, crowdsec want to connect to docker.sock too. Traefik documentation is at the moment a jungle for me.
sad to hear that it didn't work out so far. Have you tried to play around with access rights for the docker-socket-proxy? Seems like that crowdsec is reading the access logs of traefik, and traefik is not able to gain information of the docker socket. Maybe try to set the rights less restrictive and then go back and see where it fails github.com/Tecnativa/docker-socket-proxy?tab=readme-ov-file#grant-or-revoke-access-to-certain-api-sections
I would like to congratulate you on your excellent work, I really like your videos. I would like to ask if possible if you could record a video explaining how to run nginx-proxy-manager together with traefik inside portainer, honestly this is an extreme headache for me and I really need to learn, I believe this is the question of several followers. Thanks in advance.
Hey, here is my traefik tutorial, so that you know what I am talking about. th-cam.com/video/QC3weuCUr8o/w-d-xo.html
Let me know if you have any questions 🙂
"just kidding, i don't have a sponsor yet" killed me. love it
Haha yeah that was a good one :)
Please use lager fonts(zoom), that would make it readable on mobile.
And great video’s
Thanks!
alrighty, next time I try to use aa larger font or zoom in :-)
And thank you for the feedback
Great video! Unfortunately you kind of made a less secure. By using the ports directive in the compose you expose the (well known Docker-)Port on your whole machine. You also enable any container to access information about your docker environment. To circumvent all of that, I would fiestly remove the ports section on the proxy and secondly create a second network that's only used for the proxy and treafik. Keep in mind that traefik needs access to the default anf the socket proxy network, though;)
Hey, thanks for the hint! You are totally right in this case. I did not think of the networking and port mappings as everything was only on my local machine. (I don't have a dedicated QA ... 😂)
But great spot!
Have a look at the pull request I made to the tutorial files!
github.com/marcogreiveldinger/videos/pull/4
I guess that's the better version right :-)
Thanks for making these videos, Your videos are super helpful & awesome. You deserve success here!!
I would like to congratulate you on your excellent work, I really like your videos.
I would like to ask if possible if you could record a video explaining how to run nginx-proxy-manager together with traefik inside portainer, honestly this is an extreme headache for me and I really need to learn, I believe this is the question of several followers. Thanks in advance.
🚀🚀🚀
🚀👩🚀🌜
Hey Marco thank you for the hint. I am trying to combine it with your traefik + crowdsec tutorial which run into error
crowdsec | time="2024-02-07T22:08:42+01:00" level=error msg="UnmarshalJSON : invalid character 'i' in literal true (expecting 'r')" line="time=\"2024-02-07T22:08:42+01:00\" level=error msg=\"Failed to retrieve information of the docker client and server host: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?\" providerName=docker"
In the docker-compose.yml of th-cam.com/video/Z23BJrRMUM4/w-d-xo.html are labels available, crowdsec want to connect to docker.sock too. Traefik documentation is at the moment a jungle for me.
sad to hear that it didn't work out so far.
Have you tried to play around with access rights for the docker-socket-proxy? Seems like that crowdsec is reading the access logs of traefik, and traefik is not able to gain information of the docker socket. Maybe try to set the rights less restrictive and then go back and see where it fails
github.com/Tecnativa/docker-socket-proxy?tab=readme-ov-file#grant-or-revoke-access-to-certain-api-sections
I would like to congratulate you on your excellent work, I really like your videos.
I would like to ask if possible if you could record a video explaining how to run nginx-proxy-manager together with traefik inside portainer, honestly this is an extreme headache for me and I really need to learn, I believe this is the question of several followers. Thanks in advance.
Thanks for your compliment :)
I still don't quite understand why you want to have two different proxies? What's the purpose of both of them?