From 9e18323e5f284be91107bbf4958f4672ae2bd2a1 Mon Sep 17 00:00:00 2001 From: zwitschi Date: Mon, 8 Sep 2025 18:34:10 +0200 Subject: [PATCH] adjusting for exsting traefik host --- README-Traefik.md | 87 ++++++++++++++++++++++++++++++++++++++++++++++ docker-compose.yml | 5 ++- 2 files changed, 89 insertions(+), 3 deletions(-) create mode 100644 README-Traefik.md diff --git a/README-Traefik.md b/README-Traefik.md new file mode 100644 index 0000000..a06ef16 --- /dev/null +++ b/README-Traefik.md @@ -0,0 +1,87 @@ +# Setting Up Coolify Deployment Behind an Existing Traefik Proxy + +This guide explains how to configure your existing Traefik instance (running at `192.168.88.10`) to proxy traffic to a Coolify-deployed jobs-app service running on `192.168.88.13:8001`. + +## Prerequisites + +- Traefik is running and accessible at `192.168.88.10` +- Your external IP is configured to point to Traefik for domain resolution +- The jobs-app is deployed via Coolify and running on `192.168.88.13:8001` +- You have access to Traefik's configuration files (assuming file-based provider) + +## Step 1: Verify Jobs-App Accessibility + +Ensure the jobs-app is running and accessible: + +```bash +curl http://192.168.88.13:8001 +``` + +You should receive a response from the Flask application. + +## Step 2: Configure Traefik + +Since Traefik is on a separate machine (`192.168.88.10`) and cannot directly watch the Docker containers on `192.168.88.13`, you'll need to manually configure the routing in Traefik's configuration. + +### Option 1: Using Traefik's File Provider + +Add the following configuration to your Traefik dynamic configuration file (e.g., `dynamic.yml`): + +```yaml +http: + routers: + jobs-app: + rule: "Host(`your-domain.com`)" # Replace with your actual domain + service: jobs-app + entryPoints: + - https # Assuming Traefik handles SSL termination + middlewares: + - https-redirect # Optional: redirect HTTP to HTTPS + + services: + jobs-app: + loadBalancer: + servers: + - url: "http://192.168.88.13:8001" + + middlewares: + https-redirect: + redirectScheme: + scheme: https + permanent: true +``` + +### Option 2: Using Docker Labels (if Traefik can access the Docker socket) + +If Traefik has access to the Docker socket on `192.168.88.13` (e.g., via network mount or API), the Docker labels in `docker-compose.yml` will automatically configure the routing. No additional configuration is needed. + +## Step 3: Reload Traefik Configuration + +After updating the configuration, reload Traefik: + +```bash +# If using Docker +docker-compose restart traefik + +# Or if running directly +systemctl reload traefik +``` + +## Step 4: Test the Setup + +1. Ensure your DNS points `your-domain.com` to your external IP, which routes to Traefik. +2. Visit `https://your-domain.com` in your browser. +3. Traefik should proxy the request to `http://192.168.88.13:8001` and serve the jobs-app. + +## Troubleshooting + +- **Port not accessible**: Ensure firewall rules allow traffic from `192.168.88.10` to `192.168.88.13:8001`. +- **SSL issues**: If Traefik is not terminating SSL, adjust the `entryPoints` and remove HTTPS redirects. +- **Routing not working**: Check Traefik logs for errors in router/service configuration. +- **Domain mismatch**: Verify the `Host` rule matches your actual domain. + +## Notes + +- The jobs-app runs on port 8000 internally in the container, exposed on host port 8001. +- If you need to change the external port, update the `ports` mapping in `docker-compose.yml` and the Traefik service URL accordingly. +- For production, consider adding authentication, rate limiting, or other middlewares in Traefik. diff --git a/docker-compose.yml b/docker-compose.yml index 96a16bb..b2f48c6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,9 +31,8 @@ services: - coolify.managed=true - traefik.enable=true - "traefik.http.routers.jobs-app.rule=Host(`${SERVICE_FQDN_JOBS_APP:-localhost}`)" - - traefik.http.routers.jobs-app.entryPoints=https - - "traefik.http.routers.jobs-app.middlewares=https-redirect" - - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https" + - traefik.http.routers.jobs-app.entryPoints=http + - "traefik.http.services.jobs-app.loadbalancer.server.port=8000" networks: - jobs-network restart: unless-stopped