How do I manage docker&Traefik behind a reverse proxy not on docker.
-
Because I don't know how docker works, the .yaml given by nightscout is using traefik and I don't know how to remove it without breakting the nightscout container.
Then drop nginx and just use traefik.
-
Then drop nginx and just use traefik.
Thats what all my other services use though and I don't know how I'd connect them to traefic.
-
I Updated the post.
- 'traefik.http.routers.nightscout.rule=Host(`localhost`)'is my current attempt. I used my domain before.
'traefik.http.routers.nightscout.rule=Host(
localhost)'so traefik will be looking for the host header
localhostand only route requests to the service if it matches, sh when you use your real domain that should be what you use as the host header from nginx -
I Updated the post.
- 'traefik.http.routers.nightscout.rule=Host(`localhost`)'is my current attempt. I used my domain before.
side note, I would expose traefik on
127.0.0.1if its on the same host as nginx. as traefik is visible on all network interfaces. -
Because I don't know how docker works, the .yaml given by nightscout is using traefik and I don't know how to remove it without breakting the nightscout container.
To run it with Nginx instead of Traefik, you need to figure out what port Nightscout’s web server runs on, then expose that port, e.g.,
services: nightscout: ports: - 3000:3000You can remove the labels as those are used by Traefik, as well as the Traefik service itself.
Then just point Nginx to that port (e.g., 3000) on your local machine.
—-
Traefik has to know the port, too, but it will auto detect the port that a local Docker service is running on. It looks like your config is relying on that feature as I don’t see the label that explicitly specifies the port.
-
To run it with Nginx instead of Traefik, you need to figure out what port Nightscout’s web server runs on, then expose that port, e.g.,
services: nightscout: ports: - 3000:3000You can remove the labels as those are used by Traefik, as well as the Traefik service itself.
Then just point Nginx to that port (e.g., 3000) on your local machine.
—-
Traefik has to know the port, too, but it will auto detect the port that a local Docker service is running on. It looks like your config is relying on that feature as I don’t see the label that explicitly specifies the port.
This is what I would try first. It looks like 1337 is the exposed port, per https://github.com/nightscout/cgm-remote-monitor/blob/master/Dockerfile
x-logging: &default-logging options: max-size: '10m' max-file: '5' driver: json-file services: mongo: image: mongo:4.4 volumes: - ${NS_MONGO_DATA_DIR:-./mongo-data}:/data/db:cached logging: *default-logging nightscout: image: nightscout/cgm-remote-monitor:latest container_name: nightscout restart: always depends_on: - mongo logging: *default-logging ports: - 1337:1337 environment: ### Variables for the container NODE_ENV: production TZ: [removed] ### Overridden variables for Docker Compose setup # The `nightscout` service can use HTTP, because we use `nginx` to serve the HTTPS # and manage TLS certificates INSECURE_USE_HTTP: 'true' # For all other settings, please refer to the Environment section of the README ### Required variables # MONGO_CONNECTION - The connection string for your Mongo database. # Something like mongodb://sally:[email protected]:99999/nightscout # The default connects to the `mongo` included in this docker-compose file. # If you change it, you probably also want to comment out the entire `mongo` service block # and `depends_on` block above. MONGO_CONNECTION: mongodb://mongo:27017/nightscout # API_SECRET - A secret passphrase that must be at least 12 characters long. API_SECRET: [removed] ### Features # ENABLE - Used to enable optional features, expects a space delimited list, such as: careportal rawbg iob # See https://github.com/nightscout/cgm-remote-monitor#plugins for details ENABLE: careportal rawbg iob # AUTH_DEFAULT_ROLES (readable) - possible values readable, denied, or any valid role name. # When readable, anyone can view Nightscout without a token. Setting it to denied will require # a token from every visit, using status-only will enable api-secret based login. AUTH_DEFAULT_ROLES: denied # For all other settings, please refer to the Environment section of the README # https://github.com/nightscout/cgm-remote-monitor#environment -
Thats what all my other services use though and I don't know how I'd connect them to traefic.
There's no time to learn like the present! Your existing compose file has an example, but if that doesn't work, the traefik docs are useful too.
-
Thats what all my other services use though and I don't know how I'd connect them to traefic.
wrote last edited by [email protected]I recently posted most of my traefik configs, you can use it as a base to learn how traefik works:
https://lemmy.ca/comment/17702205
Note that I might not be much help with troubleshooting, as this took me a lot of trial and error and googling to make work.
-
How do I connect to the container without traefik (from my local network)?
When I remove all the traefic references and then run docker ps I get
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [removed] nightscout/cgm-remote-monitor:latest "docker-entrypoint.s…" 6 seconds ago Up 5 seconds 1337/tcp nightscout [removed] mongo:4.4 "docker-entrypoint.s…" 37 hours ago Up 5 seconds 27017/tcp docker-mongo-1But I can't reach it under dockerIP:1337.
With Immich it had 0.0.0.0:port as its IP and I was able to reach it that way.
You need to add a ports section to your compose file like
ports: - "1337:1337"- the container exposes 1337 internally but you haven't mapped it to the host so it's not accessible from outside the container. -
Thats what all my other services use though and I don't know how I'd connect them to traefic.
wrote last edited by [email protected]If they all run on docker, you just have to add labels to them, telling them what domain and port they use, etc (look at the labels from your compose). Then you add the traefik base network to them and presto. Traefik recognizes the labels and automatically routes incoming requests to them and creates certificates for them.
I would recommend a single compose stack for traefik and then one compose file per context (e.g. NextCloud, its DB, documentServer in one stack)
