# 4: Traefik - Reverse Proxy (essential) Now that your infrastructure is ready, it's time to install Traefik - the most important service you'll set up. Traefik handles secure connections and routing for all your other applications. ## What is Traefik? (Simple Explanation) **Traefik** is like a smart traffic director for your server. Think of it as a receptionist at a large office building who: - Greets visitors (web traffic) at the front door - Checks their ID (verifies security certificates) - Directs them to the right office (routes traffic to the correct application) - Makes sure they use the secure elevator (forces HTTPS) **Why Traefik is essential:** - ✅ **Automatic SSL certificates** - Makes your websites secure (HTTPS) - ✅ **Domain routing** - Directs traffic to the right application - ✅ **Security** - Protects your applications from direct internet access - ✅ **Required by other apps** - Most Infinity Tools applications need Traefik ## Why Install Traefik First? Traefik should be installed before any other application because: - **Other apps depend on it** - Many applications will ask if you want to use Traefik - **SSL certificates** - It handles secure connections for all your services - **Domain management** - It routes traffic based on your domain names - **Security foundation** - It provides a secure gateway to your applications **Without Traefik:** You'd have to manually configure SSL certificates and routing for each application - a complex and time-consuming process. ## What You'll Need Before installing Traefik, make sure you have: - ✅ **Docker installed** (from Chapter 3) - ✅ **Docker network set up** (from Chapter 3) - ✅ **A domain name** (optional but recommended) - ✅ **An email address** (for SSL certificate notifications) ### About Domain Names **What is a domain name?** It's like your website's address (e.g., `mywebsite.com`). **Why you need one:** Traefik uses your domain name to create SSL certificates and route traffic. Without one, you can still use Traefik, but you'll get security warnings in your browser. **Examples of domain names:** - `myinfinitytools.com` - `myserver.example.com` - `home.mydomain.net` **Don't have a domain?** That's okay! You can still install Traefik and add a domain later, or use your server's IP address directly. ## Step 1: Start Infinity Tools Make sure you're connected to your server via SSH, then start Infinity Tools: ``` sudo infinity-tools ``` ## Step 2: Navigate to Traefik Installation In the Infinity Tools menu, you'll see several sections. Look for: - **🔐 SECURITY & NETWORKING** - This is where Traefik is located Use your arrow keys to navigate to this section and press Enter. ### Using the Infinity Tools GUI The Infinity Tools interface makes everything easy to find and use: - ✅ **Color-coded sections** - Each category has its own color - ✅ **Clear descriptions** - Hover over options to see what they do - ✅ **Status indicators** - Shows if services are running or stopped - ✅ **Progress bars** - Shows installation progress in real-time **Look for the turquoise cursor** - it shows exactly what you're about to select! ## Step 3: Install Traefik In the Security & Networking menu, you'll see: - **Install Traefik** - This is what you want Select "Install Traefik" and press Enter. ### What Happens During Installation Traefik installation will: - Create a configuration file - Set up SSL certificate management - Create a Docker container - Configure the reverse proxy - Start the service **This usually takes 1-2 minutes.** ## Step 4: Configure Traefik During installation, you'll be asked a few questions: ### Email Address for SSL Certificates You'll see a prompt like: ``` Enter email address for SSL certificates: [admin@example.com] ``` **What to enter:** Use a valid email address you check regularly. This is used for SSL certificate notifications and warnings. **Examples:** - `admin@myinfinitytools.com` - `your-email@gmail.com` - `notifications@yourdomain.com` ### Domain Name (Optional) If you have a domain name, you'll be asked: ``` Enter your domain name (or press Enter to skip): [myinfinitytools.com] ``` **If you have a domain:** Enter it here (e.g., `myinfinitytools.com`) **If you don't have a domain:** Press Enter to skip - you can add this later ### IPv6 Configuration You might be asked about IPv6 support: ``` Do you want to enable IPv6 support? Y) Yes - Enable both IPv4 and IPv6 N) No - IPv4 only (recommended for beginners) ``` **For beginners:** Choose "N" (No) - IPv4 only is simpler and works fine for most use cases. ## Step 5: Wait for Installation After answering the questions, Traefik will install and start. You'll see messages like: ``` 📦 Installing Traefik... 🔧 Creating configuration... 🌐 Starting Traefik container... ✅ Traefik installed successfully! ``` ## Step 6: Verify Traefik is Working After installation completes, let's make sure Traefik is running properly. ### Check Traefik Status In the Infinity Tools menu, go to: - **📊 STATUS & HEALTH** → **STATUS** You should see Traefik listed as "RUNNING" or "ACTIVE". ### Using the Status Dashboard The Status & Health section gives you a complete overview of your system: - ✅ **Service Status** - Shows which applications are running - ✅ **System Health** - CPU, memory, and disk usage - ✅ **Docker Info** - All your containers and their status - ✅ **Network Status** - Shows your Docker networks **Look for the green checkmarks** - they indicate everything is working properly! ### Check Docker Containers You can also check by going to: - **📊 STATUS & HEALTH** → **DOCKER INFO** Look for a container named "traefik" - it should be running. ### Understanding the Docker Info Screen The Docker Info section shows you: - 🐳 **Container Name** - What the container is called - 📊 **Status** - Running, stopped, or restarting - 🌐 **Ports** - Which ports the container is using - 💾 **Memory Usage** - How much RAM it's using **Green status means everything is working!** Red or yellow means there might be an issue. ## Step 7: Understanding What Was Created Traefik installation creates several important files and configurations: ### Configuration Files Traefik stores its configuration in: - `/opt/speedbits/traefik/traefik.yml` - Main configuration - `/opt/speedbits/traefik/docker-compose.yml` - Docker setup ### SSL Certificates SSL certificates are stored in: - `/opt/speedbits/traefik/letsencrypt/` - Let's Encrypt certificates ### Docker Container Traefik runs as a Docker container that: - Listens on ports 80 (HTTP) and 443 (HTTPS) - Automatically redirects HTTP to HTTPS - Manages SSL certificates - Routes traffic to your applications ## Step 8: Test Traefik (If You Have a Domain) If you configured a domain name, you can test Traefik by visiting your domain in a web browser. ### What You Should See When you visit your domain, you should see: - A secure connection (HTTPS) - look for the lock icon in your browser - Either a "404 Not Found" page (normal - no apps installed yet) or a Traefik dashboard ### If You Don't Have a Domain You can still test Traefik by visiting your server's IP address: - Visit `http://YOUR_SERVER_IP` in your browser - It should redirect to `https://YOUR_SERVER_IP` - You'll see a security warning (normal without a domain) ## What's Next? Congratulations! You now have Traefik installed and running. This means: - ✅ **SSL certificates** are automatically managed - ✅ **Secure connections** are enforced - ✅ **Domain routing** is ready - ✅ **Other applications** can now be installed ### Ready for Applications Now you can install any of the applications in Infinity Tools: - **WordPress** - For websites and blogs - **Vaultwarden** - For password management - **Nextcloud** - For file storage and sharing - **And many more!** When you install these applications, they'll automatically work with Traefik to provide secure, domain-based access. ## Troubleshooting ### Traefik Won't Start If Traefik fails to start: - Check that Docker is running: `sudo systemctl status docker` - Check Docker logs: `docker logs traefik` - Verify the configuration: `cat /opt/speedbits/traefik/traefik.yml` - Try restarting: `docker restart traefik` ### SSL Certificate Issues If SSL certificates aren't working: - Make sure your domain points to your server's IP address - Check that ports 80 and 443 are open - Wait a few minutes for certificates to be issued - Check Traefik logs: `docker logs traefik | grep -i acme` ### Can't Access Traefik If you can't access Traefik: - Check that Traefik is running: `docker ps | grep traefik` - Verify ports are open: `sudo ss -tulnp | grep :80` - Check firewall settings - Try accessing via IP address instead of domain ## Quick Reference **Check Traefik status:** ``` docker ps | grep traefik ``` **View Traefik logs:** ``` docker logs traefik ``` **Restart Traefik:** ``` docker restart traefik ``` **Check SSL certificates:** ``` ls -la /opt/speedbits/traefik/letsencrypt/ ``` ## You're Ready! Traefik is now installed and running! This is the foundation that makes all your other applications work securely and efficiently. **What you accomplished:** - ✅ Installed and configured Traefik - ✅ Set up automatic SSL certificate management - ✅ Created a secure gateway for your applications - ✅ Prepared your system for other applications **Next step:** You can now install any application from the Infinity Tools menu. Each application will automatically work with Traefik to provide secure, domain-based access. ## What You Learned - **Traefik** - A reverse proxy that handles SSL and routing - **SSL Certificates** - Automatic security certificates for your domains - **Domain Routing** - How traffic is directed to the right application - **Infrastructure Foundation** - The base layer that supports all other services You now have a solid foundation for running secure, professional applications on your server! --- *Next: Installing Your First Application (Coming Soon)*