Traefik nginx的联动及应用部署流程

部署的应用为 jupyter-scipy

# 网络硬件链路

## 硬件root

底层：126.207.xxx.xxx 公网ip

↓

一级路由器： 192.168.3.1

↓ DSM打通所有端口

二级路由器asus 192.168.50.1

↓

  PVE 192.168.50.200

       br ↓

     LXC 容器 ubuntu 192.168.50.27

        ↓

      Docker compose

        ↓

     Jupyter容器 inner port 8888 to traefik landport service (http://172.19.0.3:8888)

        ↓

     Docker network proxy 172.19.0.0/16

                 → Traefik webscure https:/192.168.50.27:443 port (if port=80, redirect to 443=https)

        ↓

     Traefik bridge network to the LXC interface occupied port 443, 90, 8080(ping), 9001(inner api)

        ↓

## 网络 root outside

     router: 192.168.50.1

       ↓

 nginx proxy manager(192.168.50.154 LXC docker RD)

 Routor rule: If guest address of “https://my.domain” recieved,

 trans from ports: 80 81 443 to  https://192.168.50.27:443

       ↓

   DNS Provider：cloudflare

DNS anlysis request of “https://my.domain”

*and proxy to a random ip of cloudflare.  

*Reason: I turn proxy off or let it be default but it seem like

*I can’t visit jupyters domain in the inner network of 192.168.50.1 for somereason?

*It is open and the tails of /lab/” have to typing in. “https://my.domain/lab” in the inside network.

# Reference

Individually delopy the trafik app and jupyters app, please refer to the following paper.

## Traefik:

→ Foundmental yml

https://hexo.aufomm.com/traefik/

→ Cloudflare Provided ssl：

Cannot apply ssl to this network so apply cloudflare ssl insteal of normal(aufomm boy) letsencrypt.

https://greenfrognest.com/LMDSTraefikProxy.php

→ Easy access of inner network:

   insert a inner-service api in traefik dockercompose labels using 192.168.50.27:9001

## jupyter-scipy:

→ Normal docker compose reference

https://qiita.com/hand10ryo/items/1980c5f146493c2b7e2f

→ Config insert of traefik part.

   Refer to the last part of sonarr

https://greenfrognest.com/LMDSTraefikProxy.php

# → Deployment ! ! !