Traefik Dashboard on its own URL
I've been playing around with Traefik recently on my new VPS server as a reverse proxy.
It has a very neat dashboard which can be enabled , mostly to see which frontends and backends are enabled, but viewing some stats and a list of recent HTTP errors as well.
Most tutorials will explain to you how to enable it, but I would like to have it secured through Basic Authentication and accessible as any other normal URL I expose like my frontends.
Here below I will show you how to expose the dashboard as a publicly accessible URL, protected by Basic Auth and using Let's Encrypt to attach a valid SSL certificate to it.
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[entryPoints.traefik]
address = "127.0.0.1:1337"
[api]
entrypoint="traefik"
dashboard = true
[api.statistics]
recentErrors = 20
[acme]
email = "< your email address>"
storage = "< location of where acme.json should be>"
entryPoint = "https"
onHostRule = true
onDemand = false
[acme.httpChallenge]
entryPoint = "http"
## Backends
[backends]
[backends.traefik]
[backends.traefik.servers]
[backends.traefik.servers.backend1]
url = "http://127.0.0.1:1337"
[backends.traefik.healthCheck]
path = "/"
interval = "10s"
scheme = "http"
# Frontends
[frontends]
[frontends.traefik]
entryPoints = ["http", "https"]
backend = "traefik"
passHostHeader = true
[frontends.traefik.routes]
[frontends.traefik.routes.main]
rule = "Host:<the url you want to have the dashboard exposed on>"
[frontends.traefik.auth]
[frontends.traefik.auth.basic]
users = [
"< User and respective htpasswd digest >",
]
And there you have it. Be sure to have an existing DNS entry for your URL, otherwise Let's Encrypt will not issue a certificate, and install and use htpasswd to generate the user:digest combination to give access to the desired user to the dashboard.