If you run a lot of containers this might be for you.
Thereβs various ways to expose their frontend to your local network like host ports, dedicated IPs from your LAN via MacVLAN.
I recommend Traefik.
version: '3.5'
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
hostname: traefik
mac_address: 4a:86:5d:xx:xx:xx
command:
- "--api"
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--api.dashboard"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare"
- "--certificatesresolvers.myresolver.acme.email=xxx"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
- "--certificatesResolvers.myresolver.acme.dnsChallenge.delayBeforeCheck=15"
networks:
macvlan0:
ipv4_address: 10.0.0.201
traefik_public:
environment:
- CLOUDFLARE_EMAIL=xxx
- CF_DNS_API_TOKEN=xxx
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./letsencrypt:/letsencrypt
networks:
macvlan0:
external: true
traefik_public:
driver: overlay
external: trueTraefik is exposed on a dedicated IP.
Next, a service but it tells Traefik it exists under x host name:
version: "3.3"
networks:
traefik_public:
driver: overlay
external: true
services:
it-tools:
container_name: it-tools
restart: unless-stopped
image: "corentinth/it-tools:latest"
networks:
traefik_public:
labels:
- "traefik.enable=true"
- "traefik.http.routers.ittool.rule=Host(`tools`)"
- "traefik.http.routers.ittool.entrypoints=web"i.e.
- "traefik.http.routers.ittool.rule=Host(tools)
You can then add this hostname to your home DNS server tools -> 10.0.0.201 (my Traefik instance).
Itβs a fast way to expose a service and saves on your internal networks IP address space.