In this small blog post I want to show my small bash script that can initialize a docker swarm cluster (up to nine nodes) with a user interface (portainer), a reverse proxy (traefik or nginx proxy manager) and highly available storage (syncthing4Swarm).

The docker swarm cluster can also be installed in a "rootless"-mode (user namespace).

https://hostlab.tech/blog/swarmpilot-docker-swarm-cluster-in-one-script

#docker #dockerswarm #traefik #keepalived #nginxproxymanager #syncthing #cluster #tutorial #forgejo

Containous released #Traefik version 3.7.4. https://traefik.io/

Containous released #Traefik version 3.7.3. https://traefik.io/

@endareth You could use something like #Cloudflare, but I've never been a big fan of proxies in front of proxies, or I found this from searching the web just now - https://binadit.com/tutorials/implement-haproxy-waf-integration-modsecurity

I do use #Apache w/ mod_security on my cPanel & WHM box.

At home I use #Traefik with a #Crowdsec plugin that seems to work well.

Anyone have experience with #crowdsec and #traefik? Feeling like trying to link them together in my setup behind cloudflare free but not sure if it makes sense or not.

🔥 How to install CrowdSec and use it as a WAF in front of Nginx or Traefik. CrowdSec, the practical guide to the open source IDS/IPS that replaces Fail2Ban with a blocklist shared by thousands of servers worldwide
https://gomoot.com/come-installare-crowdsec-e-usarlo-come-waf-davanti-a-nginx-o-traefik/

#CrowdSec #nginx #Traefik #WAF #opensource

📌 How Traefik works, from the Docker provider that discovers containers automatically to the middlewares for rate limiting, basic auth and HSTS, a practical guide for homelabs and VPSs
https://gomoot.com/traefik-v3-7-il-reverse-proxy-che-si-configura-via-docker-label/

#docker #Kubernetes #ReverseProxy #Traefik

Huiii, I found a #Traefik metric in its #Prometheus exporter that I didn't know about at all - turned it straight into a dashboard xD

#Grafana

#DHCP, #DNS, #IPv6, #TLS: you are exhausting.

After an update, #pihole ignores its own dnsmasq configuration by default. All hosts get two IPv6 gateways: router and Pi-hole. Connections then hang in a seemingly fairly random way.

#Docker Compose setup with #Coolify: requests switch between the environments because there is no Docker network per environment and requests are distributed randomly to apps via DNS round robin.

#Traefik renews certificates on the basis of a 2160-hour validity (changeable with acme.certificatesDuration). #step-ca issues certificates that are valid for 24 hours (changeable via authority.claims.{max,default}TLSCertDuration). No wonder the whole setup stops working a day later.

Etc., etc.

#lazyweb
I swapped my domain from VentraIP to BinaryLane, but VentraIP was a much more fully featured and helpful platform.

Trouble is I issue my Pangolin certs through lego (for Traefik for Pangolin), which doesn't support VentraIP. BinaryLane doesn't allow for much granularity in the access provided either, so my VPS has more access than I'm comfortable with.

Can anyone recommend any of Lego's other supported DNS providers, or have their own self maintaining approach for #Pangolin / #Traefik DNS-01 wildcard certificates that doesn't need to give lego access to your domain provider?

Ideally Australian.

lego's list is here:
https://go-acme.github.io/lego/dns/
