Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Select an option

  • Save hivelogic2018/6050dbb3196e3c2a1d1cc0008540cf30 to your computer and use it in GitHub Desktop.

Select an option

Save hivelogic2018/6050dbb3196e3c2a1d1cc0008540cf30 to your computer and use it in GitHub Desktop.
Traefik setup

Regarding access perimeter, I have a small company with myself and my partner being the managers (manager role), 2 devops personnels (devops role), a few devs (dev role), 2 product owners / scrum masters (product role), 2 qa personnels (qa role), a few interested individuals/ prospective investors (shareholder role)

Review my files and the fact for your reference that I already got Portainer works through this setup with dokploy-traefik, meaning that I can access Portainer on the browser at docker.zingastay.com

to help me update these files to achieve the following requirements:

  • Strictly adhere to dnschallenge (DNS-01) through dokploy-traefik to serve 80/443 for public access to teleport.zingastay.com for Teleport connect, tsh and teleport web ui to work.

Hence, other services: Forgejo (git.infra.zingastay.com), dokploy-traefik UI (dashboard), Dokploy UI, to be guarded post-Teleport successful auth. After a successful auth with Teleport, users can view and launch infra services through Teleport dashboard (web ui / Teleport Connect), and also push code through Forgejo git.

  • Advise me on the use of WireGuard and how to use and leverage WG-Easy to configure for best implementation with my infra setup?

  • Allow public access *.apps.zingastay.com for deployed apps through Traefik

answer: https://docs.google.com/document/d/e/2PACX-1vTjh7bURsJiuKmniphr4t8tC4WPRw9UKzTuZyshYIjt_LUY0EaWjhPXXnMJDXwxNQRgrlR5kJJ_KXT4/pub

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment