888                              .d888 d8b 888
888                             d88P"  Y8P 888
888                             888        888
888889 https://8888b.   .d88b.  888888 888 888  888     88888b.d88b.   .d88b.
888    888P"      "88b d8P  Y8b 888    888 888 .88P     888 "888 "88b d8P  Y8b
888    888    .d888888 88888888 888    888 888888K      888  888  888 88888888
Y88b.  888    888  888 Y8b.     888    888 888 "88b d8b 888  888  888 Y8b.
 "Y888 888    "Y888888  "Y8888  888    888 888  888 Y8P 888  888  888  "Y8888



What is traefik.me?

Just like nip.io or xip.io, traefik.me is a magic domain name that provides
wildcard DNS for any IP address. Say your LAN IP address is 10.0.0.1.
Using traefik.me,

                 10.0.0.1.traefik.me   resolves to   10.0.0.1
             www.10.0.0.1.traefik.me   resolves to   10.0.0.1
          mysite.10.0.0.1.traefik.me   resolves to   10.0.0.1
         foo.bar.10.0.0.1.traefik.me   resolves to   10.0.0.1

...and so on. You can use these domains to access virtual hosts on your
development web server from devices on your local network, like iPads, iPhones,
and other computers. No configuration required!

Alternatively, traefik works with dashes, and provides a default resolving to
127.0.0.1, pretty handy in a local configuration:

                 10-0-0-1.traefik.me   resolves to   10.0.0.1
             www-10-0-0-1.traefik.me   resolves to   10.0.0.1
                   mysite.traefik.me   resolves to   127.0.0.1
                  foo.bar.traefik.me   resolves to   127.0.0.1


How does it work?

traefik.me runs a custom DNS server on the public Internet.
When your computer looks up a traefik.me domain, the traefik.me DNS server
extracts the IP address from the domain and sends it back in the response.

HTTPS support!

Thanks to Let's encrypt, a wildcard certificate is available for *.traefik.me.
Just grab the files here:

           -rw-r--r-- 1 root root 1850 Jul 08 08:02 cert.pem
           -rw-r--r-- 1 root root 3750 Jul 08 08:02 chain.pem
           -rw-r--r-- 1 root root 5600 Jul 08 08:02 fullchain.pem
           -rw-r--r-- 1 root root 1704 Jul 08 08:02 privkey.pem

As wildcard certificates are only valid for one level depth subdomains, use the
dashed-form subdomain instead of dots. Certificates are regenerated every 60 days.





Ok but why "traefik"?

The name comes from traefik.io, that is an open-source reverse proxy and load
balancer. Used in conjonction with docker, it becomes very handy for local web
development. Here is a typical docker-compose.yml file you might produce:

version: '3'
services:
  traefik:
    restart: unless-stopped
    image: traefik:v2.0.2
    command: --providers.docker=true
    ports:
      - "80:80"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  app1:
    image: containous/whoami
    labels:
      - "traefik.http.routers.app1.rule=Host(`app1.traefik.me`)"
  app2:
    image: containous/whoami
    labels:
      - "traefik.http.routers.app2.rule=Host(`app2.traefik.me`)"

Launch it with docker-compose up. Open your browser, and visit app1.traefik.me
or app2.traefik.me. It just works as expected out of the box, without additional
configuration or /etc/hosts tuning.

To reach the container from another device on your local network, use the
following docker label :

    - "traefik.http.routers.app1.rule=HostRegexp(`app1.{ip:.*}.traefik.me`)"

Say your LAN IP address is 10.0.0.1, visiting http://app1.10.0.0.1.traefik.me
from any device on your local network will reach your app1 docker container.

For Docker Compose + HTTPS usage, checkout this sample docker-compose.yml.


Copyright

Kudos to xip.io for the inspiration of the present website, nip.io for the dns
server.

                Get in touch with me on twitter.com/@pyrou or github.com/pyrou.