Home Discord YouTube Disclaimer

Proxying Your First App

The minimal requirements to enable Traefik on a certain app and allow it to proxy the web UI, we have to simply set a label for Traefik to pick up. Labels are a mechanism for applying metadata to Docker objects. Traefik is able to pick up this metadata and can use it to configure itself. This label will tell Traefik that we want to reverse proxy the application we are adding it to.

For Unraid, find the app that you would like to reverse proxy, once you are in the template, scroll to the bottom and click on the "Add another Path, Port, Variable, Label or Device". Select to add a label and fill in the fields as per the screenshot below.

  1. Make sure to set this as a Label.

  2. Copy and paste the following into the key: field.

    • traefik.enable

  3. Tell Traefik to reverse proxy this app by simply adding true to this field.

  4. Click add and then apply to redeploy the app with the new label added to it.

Now we need to add a second label that will ensure that Traefik only allows the app to be proxied over HTTPS. This will prevent any possible vulnerabilities in the future. For example, if the HTTP redirect breaks, it will not be able to proxy the app over HTTP accidentally. Click on the "Add another Path, Port, Variable, Label or Device". Select to add a label and fill in the fields as per the screenshot below.

  1. Make sure to set this as a Label.

  2. Copy and paste the following into the key: field, make sure to swap out app for the app name you are adding this to.

    • traefik.http.routers.app.entryPoints

  3. Tell Traefik to only use the secure encrypted entrypoint for this app by simply adding https to this field.

  4. Click add and then apply to redeploy the app with the new label added to it.

WARNING

You must replace app with the name of your application that this label is being added to otherwise Traefik will see duplicates.

NOTE

You can add multiple of these labels at once before finally deploying your application.

Conclusion

Traefik will now pick up that the app wants to be routed through the reverse proxy and should automatically set it up for you. It will also only proxy the app over HTTPS and will avoid any possible vulnerabilities or allow the app to be proxied over HTTP. Now when you deploy your application you will be able to visit it by going to your domain with the app name as the subdomain (APP-NAME.DOMAIN.COM).

Alternate Methods

pageProxying an App with Multiple Exposed PortspageProxying an App with a HTTPS WebUIpageChoosing Your App Subdomain Manually

Securing your App

pageEnabling Authelia Server AuthenticationpageEnabling Organizr server authentication
PreviousfileConfig.yml ExampleNextProxying an App with Multiple Exposed Ports

Last updated