tuwunel/docs/deploying/reverse-proxy-traefik.md
Xerusion 53d4495e21 Add TLS cert info
Added section for TLS certs
2026-01-17 01:38:00 +07:00


Reverse Proxy Setup - Traefik

<= Back to Generic Deployment Guide

Installation

Install Traefik via your preferred method. You can read the official Docker quickstart guide or the in-depth walkthrough.

Configuration

TLS certificates

You can set up auto-renewing certificates with different kinds of ACME challenges.

Router configurations

You only need to use one of these methods.

Be sure to change your.server.name to your actual tuwunel domain, and change yourcertresolver to whatever you named the certificate resolver in your Traefik config.

Labels

To use labels with Traefik, you need to configure a Docker provider.

Then add the labels to the tuwunel service in your Docker Compose file.

services:
    tuwunel:
        # ...
        labels:
            - "traefik.enable=true"
            - "traefik.http.routers.tuwunel.entrypoints=web"
            - "traefik.http.routers.tuwunel.rule=Host(`your.server.name`)"
            - "traefik.http.routers.tuwunel.middlewares=https-redirect@file"
            - "traefik.http.routers.tuwunel-secure.entrypoints=websecure"
            - "traefik.http.routers.tuwunel-secure.rule=Host(`your.server.name`)"
            - "traefik.http.routers.tuwunel-secure.tls=true"
            - "traefik.http.routers.tuwunel-secure.service=tuwunel"
            - "traefik.http.services.tuwunel.loadbalancer.server.port=6167"
            - "traefik.http.routers.tuwunel-secure.tls.certresolver=yourcertresolver"
            - "traefik.docker.network=proxy"
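A pre-deployment check for the labels above, as an added example (not part of the tuwunel docs or of Traefik). It flags placeholders left unchanged, a TLS router with no certresolver (Traefik then requests no ACME certificate for it), and a plain-HTTP router without the redirect middleware. The function name, the sample domain and the middleware-name match on `https-redirect` are assumptions.

```python
import re

# Placeholder values this guide tells you to replace.
PLACEHOLDERS = ("your.server.name", "yourcertresolver")
ROUTER_KEY = re.compile(r"traefik\.http\.routers\.([^.]+)\.(.+)")

def lint_labels(labels, redirect_middleware="https-redirect"):
    """Return a list of findings for Traefik docker labels ('key=value' strings)."""
    kv = dict(label.split("=", 1) for label in labels if "=" in label)
    findings = []
    if kv.get("traefik.enable") != "true":
        findings.append("traefik.enable is not 'true'")
    routers = {}
    for key, value in kv.items():
        for placeholder in PLACEHOLDERS:
            if placeholder in value:
                findings.append(f"{key}: placeholder '{placeholder}' not replaced")
        match = ROUTER_KEY.fullmatch(key)
        if match:  # group options per router, e.g. routers['tuwunel']['rule']
            routers.setdefault(match.group(1), {})[match.group(2)] = value
    for name, opts in sorted(routers.items()):
        uses_tls = opts.get("tls") == "true" or any(k.startswith("tls.") for k in opts)
        if uses_tls:
            # Without a resolver Traefik requests no ACME certificate for this router.
            if not opts.get("tls.certresolver"):
                findings.append(f"router {name}: TLS without tls.certresolver")
        else:
            # Middleware names may carry a provider suffix such as '@file'.
            attached = [m.split("@")[0] for m in opts.get("middlewares", "").split(",")]
            if redirect_middleware not in attached:
                findings.append(f"router {name}: plain HTTP without {redirect_middleware}")
    return findings

# Constructed sample: the guide's labels with a made-up domain filled in, but with
# the redirect middleware and the certresolver label left out.
SAMPLE = [
    "traefik.enable=true",
    "traefik.http.routers.tuwunel.entrypoints=web",
    "traefik.http.routers.tuwunel.rule=Host(`matrix.example.org`)",
    "traefik.http.routers.tuwunel-secure.entrypoints=websecure",
    "traefik.http.routers.tuwunel-secure.rule=Host(`matrix.example.org`)",
    "traefik.http.routers.tuwunel-secure.tls=true",
    "traefik.http.routers.tuwunel-secure.service=tuwunel",
    "traefik.http.services.tuwunel.loadbalancer.server.port=6167",
]

if __name__ == "__main__":
    for finding in lint_labels(SAMPLE):
        print(finding)
```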

Config File

To use the config file you need to configure a file provider.

Then add this into your config file.

http:
    routers:
        tuwunel:
            entryPoints:
                - "web"
                - "websecure"
            rule: "Host(`your.server.name`)"
            middlewares:
                - https-redirect
            tls:
                certResolver: "yourcertresolver"
            service: tuwunel
    services:
        tuwunel:
            loadBalancer:
                servers:
                    # This URL should point to your tuwunel installation.
                    # It should work if your tuwunel container is named tuwunel and is in the same network as Traefik.
                    - url: "http://tuwunel:6167"
                passHostHeader: true

Important

The Encoded Character Filtering options must be set to true. This only applies to Traefik versions 3.6.4 to 3.6.6 and 2.11.32 to 2.11.34.

Verification

After starting Traefik, verify it's working by checking:

curl https://your.server.name/_tuwunel/server_version
curl https://your.server.name:8448/_tuwunel/server_version

=> Continue with "You're Done"