Jafner.net/homelab/stacks/traefik/README.md

### The `web` Network

Created with `docker network create --driver=bridge --subnet=172.20.0.0/23 --ip-range=172.20.1.0/24 web`

Previous version was naive, and had a subnet equal in size to the IP range. This meant that we would occasionally encounter address colisions between services which needed static IPs, and those handed IPs automatically. 

### Useful Labels

Basic web-facing service: 
- ```traefik.http.routers.<router-name>.rule=Host(`<subdomain>.jafner.net`)```
- `traefik.http.routers.<router-name>.tls.certresolver=lets-encrypt`

Restrict access to IPs in list defined in [`./config/config_addons.yaml`](./config/config_addons.yaml):
- `traefik.http.routers.<router-name>.middlewares=lan-only@file`

Explicitly set the container-side port Traefik should route traffic to:
- `traefik.http.services.<service-name>.loadbalancer.server.port=1234`
#14 Create Traefik stack 2024-10-22 19:35:09 -07:00			### The `web` Network

			Created with `docker network create --driver=bridge --subnet=172.20.0.0/23 --ip-range=172.20.1.0/24 web`

			`Previous version was naive, and had a subnet equal in size to the IP range. This meant that we would occasionally encounter address colisions between services which needed static IPs, and those handed IPs automatically.`

			`### Useful Labels`

			`Basic web-facing service:`
Fix improper escaping special characters (`) 2024-10-24 12:40:39 -07:00			- ```traefik.http.routers.<router-name>.rule=Host(`<subdomain>.jafner.net`)```
#14 Create Traefik stack 2024-10-22 19:35:09 -07:00			- `traefik.http.routers.<router-name>.tls.certresolver=lets-encrypt`

			Restrict access to IPs in list defined in [`./config/config_addons.yaml`](./config/config_addons.yaml):
			- `traefik.http.routers.<router-name>.middlewares=lan-only@file`

			`Explicitly set the container-side port Traefik should route traffic to:`
			- `traefik.http.services.<service-name>.loadbalancer.server.port=1234`