traefik traefik:latest https://registry.hub.docker.com/_/traefik bridge sh false https://github.com/benderstwin/docker-templates/issues Traefik is a modern reverse-proxy. You must have a traefik.toml config located in your appdata/traefik directory. Example template with very little modification needed is available here https://raw.githubusercontent.com/benderstwin/Portainer-Templates/master/traefik.toml Note on SSL - easiest method is to use a free account at cloudflare. In cloudflare: Set up DNS records. -use CNAMES for subdomains to point to TLD On the crypto tab in cloudflare -request wildcard ssl cert (universal) for edge -generate origin cert and key -enable SSL client authentication -turn on SSL Full (strict) NOTE: It is possible to use Traefik with ACME (Lets Encrypt). This will require modification beyond the scope of this template (although you could modify the traefik.toml pretty easily to enable this). TO ADD APPS TO TRAEFIK: Traefik uses labels to assign proxy behavior Add these labels to your other containers to enable proxy Available Labels: traefik.enable=true #required to proxy:Enable Traefik to expose app to the frontend and proxy traefik.backend=ombi #required:name of the container Traefik should map to on the back end (sonarr, radarr, jackett etc...) traefik.frontend.rule=Host:ombi.domain.com #required/optional: Sets the subdomain rule. traefik.frontend.rule=Host:domain.com; PathPrefixStrip: /ombi #optional for using subfolders traefik.port=3579 #required:container port to send traffic to. Source container port, not the mapping in unraid traefik.frontend.auth.basic.usersFile=/shared/.htpasswd ## This is what sets up the front end interface to use the generated .htaccess file. Add this line to any site you want additional security on. traefik.docker.network=bridge #required: Specify the docker network traefik.frontend.headers.SSLRedirect=true #optional but might as well if you are using SSL traefik.frontend.headers.STSSeconds=315360000 #optional traefik.frontend.headers.browserXSSFilter=true #optional traefik.frontend.headers.contentTypeNosniff=true #optional traefik.frontend.headers.forceSTSHeader=true #may be required traefik.frontend.headers.SSLHost=domain.com #required traefik.frontend.headers.STSIncludeSubdomains=true #may be required traefik.frontend.headers.STSPreload=true #optional traefik.frontend.headers.frameDeny=true #optional http://127.0.0.1:8080 https://raw.githubusercontent.com/benderstwin/docker-templates/master/Bender-traefik.xml https://raw.githubusercontent.com/benderstwin/docker-templates/master/images/traefik.png I do it for the fame bridge 443 443 tcp 8080 8080 tcp /mnt/user/appdata/traefik /etc/traefik rw /mnt/user/appdata/traefik/shared /shared rw /var/run/docker.sock /var/run/docker.sock ro true traefik.enable traefik traefik.backend Host:traefikhome.domain.com traefik.frontend.rule domain.com traefik.frontend.headers.SSLHost /shared/.htpasswd traefik.frontend.auth.basic.usersFile bridge traefik.docker.network true traefik.frontend.headers.SSLRedirect 315360000 traefik.frontend.headers.STSSeconds true traefik.frontend.headers.browserXSSFilter true traefik.frontend.headers.contentTypeNosniff true traefik.frontend.headers.forceSTSHeader true traefik.frontend.headers.STSIncludeSubdomains true traefik.frontend.headers.STSPreload true traefik.frontend.headers.frameDeny 8080 traefik.port true traefik Host:traefikhome.domain.com domain.com /mnt/user/appdata/traefik /mnt/user/appdata/traefik/shared 443 8080 /shared/.htpasswd bridge true 315360000 true true true true true true /var/run/docker.sock 8080 1543869167 Network:Web Network:Proxy Traefik is a modern reverse-proxy. You must have a traefik.toml config located in your appdata/traefik directory. Example template with very little modification needed is available here https://raw.githubusercontent.com/benderstwin/Portainer-Templates/master/traefik.toml Note on SSL - easiest method is to use a free account at cloudflare. In cloudflare: Set up DNS records. -use CNAMES for subdomains to point to TLD On the crypto tab in cloudflare -request wildcard ssl cert (universal) for edge -generate origin cert and key -enable SSL client authentication -turn on SSL Full (strict) NOTE: It is possible to use Traefik with ACME (Lets Encrypt). This will require modification beyond the scope of this template (although you could modify the traefik.toml pretty easily to enable this). TO ADD APPS TO TRAEFIK: Traefik uses labels to assign proxy behavior Add these labels to your other containers to enable proxy Available Labels: traefik.enable=true #required to proxy:Enable Traefik to expose app to the frontend and proxy traefik.backend=ombi #required:name of the container Traefik should map to on the back end (sonarr, radarr, jackett etc...) traefik.frontend.rule=Host:ombi.domain.com #required/optional: Sets the subdomain rule. traefik.frontend.rule=Host:domain.com; PathPrefixStrip: /ombi #optional for using subfolders traefik.port=3579 #required:container port to send traffic to. Source container port, not the mapping in unraid traefik.frontend.auth.basic.usersFile=/shared/.htpasswd ## This is what sets up the front end interface to use the generated .htaccess file. Add this line to any site you want additional security on. traefik.docker.network=bridge #required: Specify the docker network traefik.frontend.headers.SSLRedirect=true #optional but might as well if you are using SSL traefik.frontend.headers.STSSeconds=315360000 #optional traefik.frontend.headers.browserXSSFilter=true #optional traefik.frontend.headers.contentTypeNosniff=true #optional traefik.frontend.headers.forceSTSHeader=true #may be required traefik.frontend.headers.SSLHost=domain.com #required traefik.frontend.headers.STSIncludeSubdomains=true #may be required traefik.frontend.headers.STSPreload=true #optional traefik.frontend.headers.frameDeny=true #optional /tmp/GitHub/AppFeed/templates/BendersRepository/Bender-traefik.xml