Baby, wake up techno tim uploaded about traefik. It's time to update your homelab
@andrewtfluck4 ай бұрын
I felt this so hard 🤣🤣🤣🤣
@osaether6 күн бұрын
I upgrade all dockers once a week or so so Traefik is on v3.1.2 already 🙂
@vatsalyavigyaverma54946 күн бұрын
@@osaether his guide is perfect for learning and deploying
@pedrohcunha6857Ай бұрын
I've never posted a comment on a youtube channel, but you deserved it. After long 8 years (Hours) doing research, you solved my problem in video with 40 minutes. So many thanks.
Just finished your traefik series when I saw you posted this, thank you for answering my subconscious prayer 🙏🏼 Keep up the great work!
@MindMonkeyFTW4 ай бұрын
I can't fathom how easy you made this process, which I have been unable to do with other tutorials. You're doing great work Tim!
@TheInfamousToTo4 ай бұрын
compare to the last video of Traefik , i had 0 issue love how you explain things very easy and in simple way 😍
@SataPataKiouta4 ай бұрын
I am a simple man. I see Techno Tim , I watch , I like.
@bbl_drizzzzy4 ай бұрын
I share
@CrisCheese_4 ай бұрын
I simp
@oildiggerlwd4 ай бұрын
Greatly appreciate the little detail explanations. I’d done the wild card certs before on my home lab, but this is filling in several little knowledge holes in my mind. Excellent content
@chrschra2 ай бұрын
I've also learned way more than I was expecting
@espressomaticАй бұрын
This might be the definitive guide for Traefik 3
@ave46874 ай бұрын
HAHAHA you gotta be kidding me. I spent the 2 last weeks with your previous video and other resources trying to set up Traefik and the rest of my homelab. I literally closed the YT video minutes ago as I was finally able to make everything work. Before going to bed, I decided to check a video from my feed to cool down and what do I see if its not this taunting title XD. Anyway, I'll watch it later as it may allow me to enhance my fresh configuration. Thanks for that 😊
@MrakCZ4 ай бұрын
Anonymous window in browser is always the good way for testing changes.
@panthonyy10 күн бұрын
I rarely watch 40 mins long videos thru the end. Awesome vidéo tutorial! Been searching a bit online how to do this. Can't wait to set that up :)
@TechnoTim10 күн бұрын
Awesome, thank you! That's a huge compliment!
@panthonyy10 күн бұрын
I'm a web dev and let's say that I watch, read and write a whole lot of tutorials/documents. The quality level of your tutorials is up there man, I learn more than what you teach from your videos. You do deserve the compliment.
@Ellwood4204 ай бұрын
Sweet, I used most of your last Traefik video (never got external access working, but internal worked just fine, and that's all I needed, really)
@johnny4ever54 ай бұрын
**knows he can create/edit file in one step but prefers two steps** Bravo good sir! So satisfying...
@rx2gamingofficial4 ай бұрын
Thank you so much for the updated tutorial. Not sure if you got my email about the last one not working but this one works now. Tip for anyone with the certs not loading: just force recreate the container and it should load. I think this happens because the first time the certs are getting created but not read, and the second time it can actually read them.
@Breeegz4 ай бұрын
It's a shame that KZbin only allows for me to like this video once. This was a big upgrade from your last "SSL Everywhere" video. Thanks for taking us on your journey.
@redsoldier1235 күн бұрын
Took me a while to figure out but, note to self: using .yaml extension will break things.... switched it back to yml and it worked just like the video. Great tutorial!
@carstenr.16824 ай бұрын
Great video, Tim! Proxmox has its own ACME integration, so I personally prefer that way (because traefik is running as a VM on my Proxmox, so I want to prevent a race condition when the VM is down, Proxmox is not available through Traefik But for anything else - Traefik is great
@xDrShadowx4 ай бұрын
I had the same thought about Proxmox. Any TLS termination with the right certificates should be made directly on Proxmox anyway. If you want to be agressive, this should be the same for most services as well (internal certificates with local CA between internal containers to reverse proxy // letsencrypt certificates on the reverse proxy to the rest of the world)
@ManelRodero4 ай бұрын
@@xDrShadowxcan you explain a little more this solution for Proxmox? If It uses its own ACME for talking to Let's Encrypt, then we need to create its CNAME on CF instead of Pihole. Right?
@lidbergtech4 ай бұрын
Perfect timing! I've been intersted in Traefik and leaving NPM. Thank you Tim!
@SenorHamburgler4 ай бұрын
Why may I ask? I use NPM and it's so seamless and easy
@lidbergtech4 ай бұрын
@@SenorHamburgler I like to tinker and spin up new things quite often, NPM is great for ease of use. Traefik is just more powerful and diverse, especially with docker, kubernetes and promox. Nothing wrong with NPM, just having the knowledge of how traffic work is good on the cv as well. :)
@philbudgen50908 күн бұрын
Great informative, educational video. This video helped me so much to get traefik working. Very detailed vid and additional documentation provided. Keep up the great work. Many thanks.
@MrIanPrestonАй бұрын
Appreciate the update. Another great video that explains what is needed to be done, how to do it and why it has to be done. Your videos are so much more than simple 'follow me' instructions and really do help to provide some understanding. Thank you.
@replicant_20493 ай бұрын
One of the best tutorials I've followed on youtube, perfect pacing and everything worked first time. Thank you!
@BladeWDR4 ай бұрын
Very comprehensive Tim, well done.
@mitchelbone63014 ай бұрын
Thank you. I've been meaning to do this in my homelab for some time. Now I have everything I need.
@meteailesi3 ай бұрын
Failed one more time :) , I can't understand what I am missing. Thank you for your efforts Tim :)
@stevendonaldson12162 ай бұрын
I've been through these YT follow-along errors. It's literally the main job of network engineers to solve the problems you're going to run into. Time to strap in, find the problem or just restart from clean install. Both work out in the end.
@wojtek-3328 күн бұрын
Thanks for this. Real easy to follow and worked on my first attempt. I am testing this as a replacement to Nginx Proxy Manager. No nice text based config, but NPM is 100x easier and faster to setup and add sites. Good to have a back up though!
@Crusaderzpl4 ай бұрын
Thanks Tim! finally managed to get Traefik fully working in my homelab, great tutorial as always
@romayojr4 ай бұрын
this is perfect timing i just rewatched your old traefik video yesterday cuz i’m having some weird connection issues with my traefik server that i setup last year that has been working great for me. i might re-spin up my server with traefik 3 this weekend to see if resolves my issues. thanks tim!
@chrisumali98414 ай бұрын
Thanks for the demo and info, once again super helpful documentation. Have a great day Techno Tim
@satstube4 ай бұрын
Had to say this... It's got to be absolutely one the best well rounded , well thought, in depth traefik install walk-throughd I have come accross thus far,.., thanks and well done Tim..
@rickdavidson88953 ай бұрын
Fantastic video. Love the section on verifying things were working.
@apmellott3 ай бұрын
Another great tutorial, Techno Tim. I even got this to run on my Docker Swarm (once I had the correct DNS name).
@fferdianlim3 ай бұрын
Thanks Tim! this video really helpful as I was looking for your previous video to troubleshoot certificate error I encountered since last week, then manage to replace with this setup 👍
@nezu_cc4 ай бұрын
Have been running this setup for ages and can recommend it. you can add a star cname in your DNS server so you don't have to add entries every time
@Chefmoensch4 ай бұрын
Everything worked and now I have TLS on all my connections to my services. Thank you Tim
@hbhamilton33 ай бұрын
I did all this over yesterday and today but with some help from Dockge. This was an awesome tutorial!
@tazmattar4 ай бұрын
This was fantastic! I was literally looking at how to do this the other day and you've come up trumps yet again. Thank you 😊
@TechnoTim4 ай бұрын
Glad I could help!
@singh.karanbir3 ай бұрын
loved the whole idea of this, brilliant stuff Tim!
@tomaszpankowski8903Ай бұрын
Thank you! I wouldn't be able to configure it without this tutorial.
@EderValois2 ай бұрын
thx mate, im from Brazil and u saved my life! Great content, keep doing this job ur awesome! Again, thx a lot!!
@JailbreakNation4 ай бұрын
Just moved and am now motivated to unpack the homelab 😎
@Lord-Kanzler7 күн бұрын
how does this video have only 3.4k views? I watched it like 6 times start to finish alone.
@pieter74164 ай бұрын
Interesting tutorial! I think it'll really help some people in setting Traefik up, which at first use, can be a bit daunting. However, Traefik now officially supports HTTP3, so I think you should open both ports 443 tcp as well as udp in your compose file. Make sure to update your firewall settings / port forwards as well. - 80:80 - 443:443/tcp - 443:443/udp Also, one of the strengths of Traefik is that after adding the "config" volume once, you shouldn't have to run "docker compose up" when changing config.yaml. Lastly, I personally like to also use logs, so choose to add this volume as well: "- /opt/traefik/logs:/logs:rw" and try to name compose files "compose.yml", as it saves a few keystrokes.
@TechnoTim4 ай бұрын
Thanks for the great tips! I will also add this to the docs!
@RadTechDad5 күн бұрын
This is great and all.... but only for internal services. If you want to have a public-facing service, you can't do a second-level wildcard cert going through cloudflare without paying for a cert from them.
@1gold43 ай бұрын
I am finally tackling the project of my homelab again and I am so grateful to see a new video for Traefik. These types of videos are such a huge help.
@PopularWebzАй бұрын
A few notes: You are using both cli config and YAML config on the Traefik container. Move that all into the YAML file. Also you shouldn't be specifying your email for cloudflare, you should be using a scoped taken instead. Also at this point you should be enabling strictSNI and a minimum TLS version of 1.2
@drbyte20094 ай бұрын
Tim, you make super great video's, in one word PERFECT!!
@nippurtech5722 ай бұрын
Bro.... This tutorial was AMAZING!
@Skyverb2 ай бұрын
Everything went well for me until around the 27 minute mark. I followed along well until there; keep getting can't connect to that domain error. Double and triple checked the steps like crazy. Dunno what I'm doing wrong.
@shawn2296Ай бұрын
sigh why why i will probably add 200k views i love that you did i will buy a new cluster set up again man i learned a sh!t ton from your videos and even landed a network gig cuz of how much i dabbled thanks alot
@Invaderjason1233 ай бұрын
I'm confused with all the .local references. If you have a domain name and Cloudflare, why wouldn't you just put a wildcard CNAME on your Cloudflare DNS settings? This is the the part that confused me so much doing the records on pi-hole.
@michaelgleason4791Ай бұрын
Well, because he's doing this for LOCAL services only, not ones exposed to the Internet.
@MKBUHDDАй бұрын
If you are familiar with cloudflare, could you please tell me: - Can I buy a domain from any provider and register it (transfer) it for cloudflare and manage it as if i bought it from them? so I can use their tunnel service and other features? - Do you think cloudflare tunnel is better than reverse proxy to expose your home server to public?
@BerliOfficialАй бұрын
@@MKBUHDD I only can answer your first question. You can buy a domain nearly anywhere, you just have to set the nameserver in your dns settings (where your domain is) to the cloudflare nameservers shown in your account. After that you have the full experience of dns settings at cloudflare as far as I know.
@MKBUHDDАй бұрын
@@BerliOfficial Thanks for the info, then I will look for a cheap domain. 👍🏻
@Glitch_8604 ай бұрын
anotther great tutorial. you mention difference in Docker Swarm. I am running a docker swarm in my homelab so would love to be pointed to documentation for that config. Also can I setup 2 certs in Traefik?
@BreetaiZentradi4 ай бұрын
I would love to see a video covering the pros and cons of Traefik 3 vs caddy-proxy-manager vs nginx proxy manager. I thought Caddy was going to be the bees knees so I went that route for my homeserver. Pros: the label sections in the docker-compose.yml is self contained and no need for open ports on the host, and you can use any caddy directives you want. Cons: You have to have the the docker-compose.yml files have a default external network. For work I have had to use nginx proxy manager (npm). Pros: All done in a gui, all the configs are centralized in npm. It is easy to setup certs for containers available on the local network by using a duckdns with an IP set to your private netowork and you do not have to have an external network setup. Cons: You have to have open ports to all the services on the host.
@raymondvanderwerf4 ай бұрын
wow....thx man! I will set this up for sure 🔥🔥🔥
@dorvinion4 ай бұрын
Thanks for the local only explanation. Every one of these I've seen before expects you to want to directly expose things externally. Yes I want to access from outside, but only after I've connected to WG/OVPN One question, can this be done without the local subdomain? Would you just need to remove the . local subdomain from the examples provided?
@mathurin_hv2 ай бұрын
Really helpful ! Thank you ! Could you make a video to explain how to convert that configuration to a docker swarm ?
@LegionInfanterie4 ай бұрын
Thank you Tim, this is what I looking for this is best guide
@Dirizabl4 ай бұрын
Great video, thank you Tim! Would you recommend switching to Traefik v3 if already have v2 setup working?
@jerealityjr4 ай бұрын
Great Video, any plans for a video on how to securely expose to the internet?
@paulobaronceli4 ай бұрын
I have created some automation scripts based on your tutorial to make the entire process (almost) 1-step. Stupid KZbin keeps deleting my comments even though there's no links or no anything at all harmful, and it's 100% related to your video.
@Robert655363 ай бұрын
So good. Worked like a charm!
@rzvendramini4 ай бұрын
Great video! But afer watching it, I applied the ideas to configure Caddy. Traefik is excellent, but the configuration file is a bit complex and lengthy.
@marinuspretorius8230Ай бұрын
I followed this tutorial but I just keep on getting TRAEFIK DEFAULT CERT. I have everything the same except pihole. I use adguard and I have configure my domains in there. It resolve but does not get the lets encrypt cert
@Synoap3 күн бұрын
yes the same here, but Im using pi-hole. Anyone else? @TechnoTim can help us?
@ExpressITTechTips4 ай бұрын
Decided to do the video I heard the request from someone on your timtalks channel the other day 👍
@Mstaaravin3 ай бұрын
A magnific tutorial, thanks!
@nicoladellino81244 ай бұрын
Very useful and nice video bro, THX.
@scottmielke40714 ай бұрын
Do you use traefik for externally accessible services? How do you typically separate those? Different docker hosts? How do you do the networking since you don't need to modify the internal DNS?
@meetthesandvich211Ай бұрын
I had to remove the basic auth and .env because the traefik container would not move past the login prompt for the dashboard even though I put the user name and password in correctly, but I would love to see video on how to get the dashboard working with Authentik. 👍
@zer0r00t4 ай бұрын
I don't think the DNS part tells the CA to check those specific DNS servers. That would be a huge security risk. It simply tells traefik to use those DNS to verify that the TXT records are indeed visible globally before saying the CA to proceed with the next step (ACME protocol). What public DNS the CA queries from is not publicly documented
@codeman99-dev4 ай бұрын
11:54 Unless I'm mistaken, changing permissions on the host is generally not recommended. If I remember correctly, this is forcing your container user to have the UID as the host user. Better options: 1. Use a Dockerfile and change the permissions during copy: `COPY --chmod=0600 acme.json /acme.json` 2. Use a docker volume (not a bind mount) so that permissions are handled by the container only. Use option 1 if persistence doesn't matter. Use option 2 if persistence does matter.
@RocketLR4 ай бұрын
Uugh my traefik is causing so much problems when i try to deploy my react app.. so many different header settings that cause weird behavior with no freaking error output 😵
@chits23912 ай бұрын
Hi Tim! Great tutorial! I've followed the steps and wondering if you could give some insights as to why I can't open the traefik dashboard after setting local dns using pihole. I can get pings from the url, and when I use curl, it says Moved Permanently. Hoping you could see this. Thanks Tim!
@michaelventarola71004 ай бұрын
Great update. Keep them coming
@ChiragKrishnaYadav3 ай бұрын
Thank you civilized Jack Sparrow!!
@cruzinsweetsntreats4 ай бұрын
Thank you for the update. Alongside yours, almost all others with Traefik are about the same age. Be a good idea to link to this new tutorial, on the old one from 2021.
@michaelgleason47913 ай бұрын
30:00 you can just do >> filename to blank out a filename from the terminal.
@surgical_174 ай бұрын
Great setup to locally access it, but what if I wanted to access some of these services remotely aswell. Can I use and modify the same setup or do I need to make an entire different setup?
@TudorRusu894 ай бұрын
Just neat and on point! Congrats! Been following your videos for a while. A couple of questions: 1. How about exposing multiple ports on Traefik? 2. How about exposing multiple external services? 3. Can you do a more deep insight tutorial about internal DNS setup? All the best!
@2001CamaroSS20704 ай бұрын
Yes to #2! I was able to add Unifi local access, but can't add Home Assistant or other local services that don't run on HTTPS by default.
@astacc4 ай бұрын
I just finished homelab update from authelia to authentik last weekend.. I'll leave this update for later.. or I'll spend whole night on it today
@patrickjoseph34124 ай бұрын
Awesome video, tim
@kangy11034 ай бұрын
Hi, first off, thank you so much for this tutorial. Nice and easy to follow! That said I am having an issue I hope you can help with. I'm using a wildcard A record for my addresses through cloudflare and I'm not using PiHole at all. When I try to configure Traefik for workloads outside of docker using your template with my own information I get "Internal Server Error" when trying to load the webpage. Is this because i'm not using PiHole? If so, what do I need to change to fix the error?
@lachlanvanderdrift70133 ай бұрын
I have this same issue. Did you ever find a solution?
@Ziegenhändler13 күн бұрын
@@lachlanvanderdrift7013 same here
@nightmarenova67484 ай бұрын
Whats the biggest new thing here, compared to v2? How bad of an idea would it be to just upgrade? At first glance i haven't noticed that at least the important settings changed that much
@W31rdG3 ай бұрын
Thanks for the great tutorial Tim. I'd been struggling to get either Proxmox or Portainer to work properly behind Traefik, but I got it working by following your video. Question. How do you get something like AdGuard Home or Pi-Hole to work with Traefik? AGH requires a location for the SSL certificates, so how do you get it to read the acme.json file? Also, how do you get AGH to work with DoT and DoH?
@shrinivaskopparamramanath393024 күн бұрын
Is there a guide for creating a setup with some applications you want to expose to the public and some you want local only, and having wildcard certificates created for it all through traefik?
@nemac232 ай бұрын
36:47 The "secured" middleware chain doesn't seem to be applied to any of the routers. Assuming this is an editing mistake?
@demorez54 ай бұрын
i was considering moving to traefik for ages, but everytime I look into that it seems so overwhelming its not worth the effort. SWAG works for me like a breeze, does everything I want from it and the setup is like 10% of this.
@briankeane55892 ай бұрын
Great video, but doesn't seem to work for me.. Once I get to the DNS part and setup the record with cloudflare.. it only ever points back to the TrueNas login page and I don't know what to do..
@tjoptjop093 ай бұрын
Hi Tim, thanks for sharing this amazing video. I only need more help setting up multiple routers in the config file you showed us. can you explain how I can add more external servers outside docker to my config. like my firewall interface, other homeserver, printers etc
@michaelgleason4791Ай бұрын
I don't understand at all why you use a .local. Instead of forwarding 80 and 443 to 80 and 443, I forward them to 81 and 444. Then traefik is set up to know that those are external services, and it's just a couple extra labels. If traefik gets requests on 80 and 443, it knows that those are local. And I setup a wildcard for my domain internally so I don't have to manually add each one.
@cjchico4 ай бұрын
Hopefully you can do an updated video for this on Kubernetes as well
@sirpiffington39093 ай бұрын
Your hash at 20:41 has double $'s from your sed but the password you use at 25:05 has single $'s
@ThisIsAitch16 күн бұрын
Hey - can I use this Traefik container to cleanly reverse proxy containers in *other* docker environments? I could set it up in the 'external' way like you did for Proxmox, and I'm happy to do that, just wondering if there is maybe a cleaner way to do that (or even a second Traefik instance for the second docker environment..)
@afnieves3 ай бұрын
Thank you for your great content. I am trying to get Traefik and Cloudflare running in Proxmox LXC helper scripts. The chalenge I am haveing is getting the cloudflare api token running in the LXC because enviroment variables are a bit different than in docker secrets. Would you consider doing a video on getting this setup and running?
@Mandolorian844 ай бұрын
Amazing! Very good content.
@linuxbasics70604 ай бұрын
your previous video worked great for me, this looks pretty much identical apart from the format of some of files. is it worth switching to traefik 3? like is it a big update?
@s4shermman4 ай бұрын
I am so excited about this video ❤
@nemac23Ай бұрын
Getting a "Gateway Timeout" for external services on different VLAN. Can ping the services from inside the traefik container so not sure what the issue is.
@francisuadm3 ай бұрын
Thank you for this video Tim. Quick question will this work with Nextcloud AiO installing locally?
@Ripichip14 ай бұрын
Thanks for the new v.3 update of your guide. In my case I use duckdns and I have had no problems. I noticed that in your example with ngix you use fewer Middlewares in the App Label (4) compared to the 12 in your previous Trafik 2 tutorial. Is that the new standard configuration for all the applications that I add to Trafik? Thank you very much for your time that you give to your guides
@HelloHelloXD4 ай бұрын
Should we you docker compose instead of docker-compose? The version at the beginning would be unnecesary then
@nospamas89264 ай бұрын
The version at the start of the docker-compose.yaml designates the spec you're using. This does matter, some properties may behave differently or not exist in older versions, I've run into this particularly with swarm related properties.
@HelloHelloXD4 ай бұрын
@@nospamas8926 when I updated my system I had to install docker compose instead of docker-compose as I was getting errors. After I installed docker compose I got errors 'version is obsolete' so I removed it from all of my docker-compose.yamls
@justinth834 ай бұрын
@@nospamas8926 On the newer versions of Docker Compose (2.25+) the version line has been deprecated and will generate a warning if it exists.
@danko95bgd4 ай бұрын
Because swarm is the only thing that does not respect the compose spec. And yes, the version should not be used anymore@@nospamas8926
@sonalita_4 ай бұрын
will there be a similar update for the Kubernetes version?