There have been a few Reddit, Lemmy and Youtube posts over the past week or so about Nginx Proxy Manager and their shortfalls, mostly towards CVEs and other security issues.
The problem is that unlike Traefik, NGINX Proxy Manager is actually easy to use. And before you recommend Caddy, that also has no GUI.
What do you use, if you have stuff exposed to the outside?
Traefik has a GUI you can installed. I use Cloudflare ZT
If you are going to programmatically manage the reverse proxy, traefik is much better than NPM.
You can make NPM’s manager only accessible internally or from a certain IP to reduce your attack surface. I use both.
Traefik. Once you set it up (which granted can take a few hours if you’re new) its as easy as adding 4 lines of code to your compose file to add a new service. I started with NPM but I don’t regret switching to Traefik at all.
I heard caddy is cool, too.
With some help from this thread I think I got Traefik working! And from now on I can just add another dynamic.toml/yml file with a new srevice. Thanks!
I previously used NPM, it was easy to use and simple, but more robust stuff had to be done in the config area. I ended up having to edit configs more often than not in the end, so I switched to Traefik so now I just drop some extra blocks of text directly in my compose files and it just handles it.
I guess once I get Traefik to work it might just click (and I can move my configs into the future). I just wish Traefik had at least a config generator UI similar to NPM. I just want "this IP on this port with this certificate = https://url.tld, if you get what I mean
Traefik just need container labels. Most of the time it’s only 4 labels for the container you want to expose. Copy to a self hosted wiki and you’re good to go.
That is the easy part. What I haven’t been able to get working is services outside of docker, ie on other servers
Setup rules that forward to an IP:port I used a guide on smarthomebeginner initially. I’ll try and find it found it.
Go here https://www.smarthomebeginner.com/traefik-docker-compose-guide-2022/
And scroll till the section. “Adding non-docker or external apps behind Traefik”
That seems to have done it!
http: routers: jellyfin-rtr: rule: "Host(`[redacted].com`)" entryPoints: - websecure service: jellyfin-svc tls: certResolver: letsencrypt services: jellyfin-svc: loadBalancer: servers: - url: "http://[]redacted]:8096"
🎉
Glad you’re able to get this working and welcome to Traefik !
Glad to be here. I have been using Traefik for well over a year, but through TrueCharts, glad to have done this on my own
Vote for NPM