Traefik
CLICKING the STAR in the UPPER RIGHT promotes our PROJECT on GITHUB! - WARNING, PLEASE VISIT https://plexguide.com/wikis/ - This is the old wiki!
-
Traefik Basics
-
Configuring Traefik
- Traefik Legacy V1
- Traefik V2:
- CloudFlare
- Gandi
- GoDaddy
- NameCheap
WARNING: Port 80 and 443 have to be open for Traefik to work. By default, you should be good. If you have Caddy, CPanel, or some server website hosting software; you may have problems. Without Traefik being able to route through 80 and 443, your certificates will not work!
Traefik is a modern reverse proxy that not enables the use of your subdomains, but has the ability to provide authentication and issue SSL certificate using Lets Encrypt.
If you are a new user, legacy Traefik is the easiest to setup and you can switch between both if you ever wantto choose the other. I would recommend to utilize Traefik v2 which also includes the setup of CloudFlareintegration
- Easiest to setup.
- When domain is pointing to your IP prior to setup, process only takes minutes for it work.
- Can only request 20 new subdomains per week.
- You cannot create custom subdomains via PlexGuide.
- If creating custom containers, these will count against your requests.
- Not setup for CloudFlare intergration.
- After it runs, you can create containers with unlimited subdomains.
- Able to setup custom subdomains.
- Do not have to worry about rate count (unless you just decide to run Traefik over and over again for no reason).
- Requires only a DNS challenge; not authenticating each individual application.
- PG creates extra subdomains that work. For example, OMBI can be accessed via the following:
- request.domain.com
- requests.domain.com
- ombi.domain.com
- domain.com
- Little more time consuming due to retrieving your API keys depending on your provider!
For this example, we are going to use GoDaddy.com. In general, the concept is the same. You need a wildcard provider (if not, you have to type out each subdomain). You will need to create two A records as shown below!
[ Photo ]
These instructions generally apply to other providers, granted they allow you to use a WILDCARD. This is something you should ask or find out. If you cannot use a WILDCARD, you can follow the steps below; but you have to type out each subdomain such as plex.domain.com - emby.domain.com
- Require an @ ( A Record ) that points to your IP!
- Highly Recommend a * ( Wild Card A Record ) that points to your IP!
- After you have signed up for a domain, please goto your domain and you should see the following options. Click - DNS.
- Next, click the ADD button in the bottom right and type the following
[ PHOTO ]
- After you setup your wildcard domain, you should see the following:
Again, this is the same concept for any domain provider. You needed two create two A records. One is generally there already (the @ record). Then the wildcard (*) record A record. Both need to point to your server IP Address!
In general, your going to create a free account with CloudFlare. From there, you point your NAMESERVERS to CloudFlare. Afterwards, you'll have to WAIT until CloudFlare says your domain is ready. This can take several minutes to a few a hours.
Note 1: Note, if we made updates to Traefik and/or including the TOML, you must RERUN Traefik under applications > critical.
Note 2: If you have a prior setup using CloudFlare for the current domain, you may want to delete it. One member reported that a prior setup botched their setup with Version 2. Basically took them days to figure everything out and had to go through this process from scratch!
Ensure that you have the following two A records setup. Below is an example of how it would look like if you were utilizing GoDaddy as your domain provider.
-
Ensure that you have the following two A records setup from above!
-
Next, you will CloudFlare will query your DNS records! Remember, that this process can take hours for the transition to complete!
-
Select the FREE PLAN unless you just love spending money or if your domain is subject to continuous attacks.
- CloudFlare will now scan your DNS records. Ensure that you have your domain and wildcard present. If not, you failed to pay attention above. Ensure that the VALUE point to the IP address of your Domain.
[ PHOTO ]
-
Now you must change your name servers to what CloudFlare says. Don't care? Then it will never work.
-
Back to your domain provider, change the name servers. The following picture is an example with GoDaddy.
[ PHOTO ]
- Now you must wait for CloudFlare to pick up on the NAMESERVER change! You'll notice back at CloudFlare, you have to wait!
[ PHOTO ]
- This picture below should work within an hour, sometimes in minutes. Depends...
- Obtain Your API Key.
- Scroll downward and select VIEW API KEY for the GLOBAL API KEY.
- Copy the Global API Key and Save It! You will need to Paste it in the PlexGuide Interface.
Note for Windows PUTTY USERS: CTRL+V does not work! Use SHIFT+Insert to PASTE!
- Select CloudFlare via the Settings under PlexGuide
- Read the Warning!
- Type in the CLOUDFLARE_EMAIL information (yes your email)
- Type in the CLOUDFLARE_API_KEY
- PG will process your information and rebuild your containers accordingly!
- It can take a few minutes for your to works (assuming you setup correctly)
NOTE: If it says your certificate is valid but your https:// is not working, it is because your DNS has not fully propagated meaning you may not see it work for up to 2-24 hours (mostly likely 12). Try using a different browser or clear you cache if your testing for troubleshooting reasons.
NOTE: Visit https://portainer.domain.com or http://ipv4:9000 to view your logs! Portainer will save you a-lot of time from guessing on what's going on!
- First click on the Container Links!
- Click Logs
- Read the Following Information.
- Successful View: Should see your domain and/or * wildcard domain in the logs in regards to a valid certificate.
NOTE: Exceed Error Rate - If you run Traefik many times over, you may have to wait up to one week in order to be able to obtain another certificate.
Cloudflare requires a little patience when you move your domain over. Overall, it's free and probably the best option due to the protection it provides. Generally, this should almost work for any domain provider.
GoDaddy is one of the most popular domain registers and is highly trusted. I found their process easiest to use!
Ensure that you have the following two A records setup.
- Obtain your keys by visiting: https://developer.godaddy.com/keys
- Login and click the "create key" button.
- Switch to Production! If not, your gonna ask us a billion questions.
- Copy Both the Key & Secret for the PlexGuide Interface.
Note for Windows PUTTY USERS: CTRL+V does not work! Use SHIFT+Insert to PASTE!
- Select GoDaddy via the Settings under PlexGuide
- Read the Warning!
- Type in the GODADDY_API_USER information (API Key)
- Type in the GODADDY_API_SECRET
- PG will process your information and rebuild your containers accordingly!
- It can take a few minutes for your to works (assuming you setup correctly)
NOTE: Visit https://portainer.domain.com or http://ipv4:9000 to view your logs! Portainer will save you a-lot of time from guessing on what's going on!
- First click on the Container Links!
- Click Logs.
- Read the Following Information.
- Successful View: Should see your domain and/or * wildcard domain in the logs in regards to a valid certificate.
NOTE: Exceed Error Rate - If you run Traefik many times over, you may have to wait up to one week in order to be able to obtain another certificate.
GoDaddy's overall experience is pretty good. GoDaddy can tend to be a little spammy with options and they overcharge for privacy protections. Always looks for coupons and low cost alternative domains.
NameCheap requires that you have spent $50 over the last two years before you are able to use their API. As a result, I have not been able to test this for you, but put the required fields in. If this works, please update this guide for others!
Purchase a domain with NameCheap and then use CloudFlare as a work around. Please visit the Traefik CloudFlare v2 Guide. Be aware that once you make the changes, it can take a few minutes to make all this work!
Ensure that you have the following two A records setup. (Below is a GoDaddy Picture, but same concept)
- Obtain your keys by emailing their tech support for their API Key!
- Copy Both the Key & Secret for the PlexGuide Interface.
Note for Windows PUTTY USERS: CTRL+V does not work! Use SHIFT+Insert to PASTE!
- Select NameCheap via the Settings under PlexGuide
- Read the Warning!
- Type in the NAMECHEAP_API_USER information (yes your email)
- Type in the NAMECHEAP_API_KEY
- PG will process your information and rebuild your containers accordingly!
- It can take a few minutes for your to works (assuming you setup correctly)
NOTE: Visit https://portainer.domain.com or http://ipv4:9000 to view your logs! Portainer will save you a-lot of time from guessing on what's going on!
- First click on the Container Links!
- Click Logs.
- Read the Following Information.
- Successful View: Should see your domain and/or * wildcard domain in the logs in regards to a valid certificate.
NOTE: Exceed Error Rate - If you run Traefik many times over, you may have to wait up to one week in order to be able to obtain another certificate.
NameCheap does have cheap domains that you can utilize over a period of 5 years for nearly $6. To get around this, sign up for CloudFlare and point your domain in that direction. NameCheap is behind in that you have to email them for the API and this can take awhile depending on their mode.
Visit our Website By Click the Picture Below!
