Adding an https proxy server in 5 minutes — Docker and Traefik

Matt Gosden
3 min readDec 10, 2021

These are notes to my future self on how to quickly put a docker HTTPS proxy in-front of a new app with minimal effort. It may help someone else too who is looking for the same thing …

The situation

I have an app I have just deployed using docker-compose on a new server. I’ve already set up the server and pointed my DNS to it so it is running on the unsecure port 80 at http://app.example.com

I need to move my app so that it operates over the secure port 433 on https://app.example.com and not on port 80.

I want to do this with the least effort and fastest way possible for now. It doesn’t have to be production perfect yet but needs to work ideally in the next 5 minutes… Let’s go

The theory of what’s happening

In theory we will add a proxy server in front of our app using Nginx, Traefik or similar that listens on the port 433 and then redirects that traffic to our app container.

That’s all very well, but that proxy server also needs to manage certificates so that HTTPS works. This can be done for free with certbot or letsencrypt, but this all takes a bit of time to configure.

Thankfully Traefik has a nice container that does all of that out of the box with a few minutes of configuration.

The five minute job

Starting point

My app is already deployed using a very simple docker-compose and the docker-compose.yml looks something like this. I’ve pointed the DNS for my domain (example.com) to the server.

Spin this up with docker-compose up --build . The app is running and I can see it using http://app.example.com (unsecure port 80)

My server has a firewall on already so that it can only receive on port 80 and 443.

Drop in the HTTPS Traefik container

Into docker-compose.yml we will drop in an HTTPS Traefik container as a new service.

--

--