Syncthing docker-compose-Setup mit Traefik als Reverse-Proxy mit HTTP-Basic-Auth

Dieses Setup verwendet ein docker-compose-basiertes syncthing-Setup und Traefik als Reverse-Proxy. HTTP-Basic-Auth wird verwendet, um unbefugten Zugriff auf die Syncthing-Web-UI zu verhindern. Alternativ können Sie den integrierten Passwortschutz verwenden.

Siehe Einfaches Traefik docker-compose-Setup mit Lets Encrypt Cloudflare DNS-01 & TLS-ALPN-01 & HTTP-01 Challenges für mein HTTPS-Setup für Traefik.

docker-compose.syncthing.yml

services:
  syncthing:
    image: syncthing/syncthing
    hostname: Syncthing-Myserver
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ./syncthing_data:/var/syncthing
    ports: # NOTE: 8384 not forwarded, this is handled by traefik
      - "22000:22000"
      - "21027:21027/udp"
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.syncthing.rule=Host(`syncthing.myserver.net`)"
      - "traefik.http.routers.syncthing.entrypoints=websecure"
      - "traefik.http.routers.syncthing.tls.certresolver=cloudflare"
      - "traefik.http.routers.syncthing.tls.domains[0].main=myserver.net"
      - "traefik.http.routers.syncthing.tls.domains[0].sans=*.myserver.net"
      - "traefik.http.services.syncthing.loadbalancer.server.port=8384"
      - "traefik.http.routers.syncthing.middlewares=syncthing-auth"
      # Auth (this is shared with the server). NOTE: generate with "htpasswd -n admin" and REPLACE EVERY "$" by "$$" IN THE OUTPUT!
      - "traefik.http.middlewares.syncthing-auth.basicauth.users=admin:$$apr1$$ehr8oqEZ$$tHoOVLG19oHdUe81IeePo1
"

services:
  syncthing:
    image: syncthing/syncthing
    hostname: Syncthing-Myserver
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ./syncthing_data:/var/syncthing
    ports: # NOTE: 8384 not forwarded, this is handled by traefik
      - "22000:22000"
      - "21027:21027/udp"
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.syncthing.rule=Host(`syncthing.myserver.net`)"
      - "traefik.http.routers.syncthing.entrypoints=websecure"
      - "traefik.http.routers.syncthing.tls.certresolver=cloudflare"
      - "traefik.http.routers.syncthing.tls.domains[0].main=myserver.net"
      - "traefik.http.routers.syncthing.tls.domains[0].sans=*.myserver.net"
      - "traefik.http.services.syncthing.loadbalancer.server.port=8384"
      - "traefik.http.routers.syncthing.middlewares=syncthing-auth"
      # Auth (this is shared with the server). NOTE: generate with "htpasswd -n admin" and REPLACE EVERY "$" by "$$" IN THE OUTPUT!
      - "traefik.http.middlewares.syncthing-auth.basicauth.users=admin:$$apr1$$ehr8oqEZ$$tHoOVLG19oHdUe81IeePo1
"

Check out similar posts by category: Docker, Traefik

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow

Buy me a coffee