Рет қаралды 44,195
The majority of Traefik tutorials all have the same problem, they expose all services routed through Traefik to the Internet. This is bad from a security perspective and increases the attack surface for your homelab. It's not a good idea to externalise Portainer, PiHole, Vaultwarden etc...
In this video I provide 3 options to restrict access to applications so you can specify exactly which services you want to expose and to which clients. Let's secure Traefik now!
Traefik Docker Files:
github.com/JamesTurland/JimsG...
Recommended Hardware: github.com/JamesTurland/JimsG...
Discord: / discord
Twitter: / jimsgarage_
Reddit: / jims-garage
GitHub: github.com/JamesTurland/JimsG...
00:00 - Introduction to the Traefik 'Security Problem'
01:29 - Demonstrating the 'Problem'
03:23 - Option 1: Cloudflare Proxy
05:00 - Option 2: Multiple Traefik Entrypoints
14:44 - Option 3: Traefik WhiteList
19:20 - Bonus Option: Deploy Two Traefik Instances
20:30 - Outro