Skip to main content

Static Configuration File

logo-traefik-proxy-logo.png

Static Configuration File

There are three different, mutually exclusive (i.e., you can use only one at the same time), ways to define static configuration options in Traefik:

  • In a configuration file
  • In the command-line arguments
  • As environment variables

These ways are evaluated in the order listed above. If no value is provided for a given option, a default value applies. Moreover, if an option has sub-options and any of these sub-options are not specified, a default value will apply as well.

Static files can be Configured in Format of TOML or YAML Format.
I Prefer the YAML Format after working with TOML for 6 months because YAML is more intuitive for beginners.

 

How Traefik Loads the Static Configuration File

At startup, Traefik searches for static configuration in a file named traefik.yml (or traefik.yaml or traefik.toml) in:

  • /etc/traefik/
  • $XDG_CONFIG_HOME/
  • $HOME/.config/
  • . (the working directory).

 

Applying This Knowledge to Your Traefik Setup

Traefik will look for files named traefik.yml, traefik.yaml, or traefik.toml at the startup of the container. You need to mount the static configuration file into your Traefik container. Below is basic information on how to apply it in Docker Compose. For more details, refer to this post: Bind Mounts.

I just call my static configuration file on my Linux host "static.yaml" so it is clear what is meant.

Examples of How to Apply

volumes:
  # Example 1
  - '/path/to/your/static.yml:/traefik.yml:ro'
  # Example 2
  - '/path/to/your/static.yaml:/traefik.yaml:ro'
  # Example 3
  - '/path/to/your/static.toml:/traefik.toml:ro'

 

Minimum Required Information Recommended in Your Static.yaml Example:

# Configuration for Traefik v3.3 by aeoneros

global:
  checkNewVersion: true
  sendAnonymousUsage: true

entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
          permanent: true

  websecure:
    address: ":443"
    http:
      tls:
        certResolver: "leresolver"
        domains:
          - main: 'aeoneros.com'
            sans:
              - '*.aeoneros.com'

tls:
  certificates:
    - stores: ["default"]
  stores:
    default:
      defaultCertificate: {}

log:
  filePath: "/traefik.log"
  level: "DEBUG"

accessLog:
  filePath: "/access.log"
  addInternals: true
  format: "json"
  bufferingSize: 200
  fields:
    defaultMode: "keep"
    headers:
      defaultMode: "keep"
      names:
        X-Forwarded-For: "keep"

api:
  dashboard: false
  insecure: false

providers:
  docker:
    exposedByDefault: false
    network: "your_traefik_network"
  swarm:
    network: "your_traefik_network"
  file:
    watch: true
    directory: "/dynamic/"

certificatesResolvers:
  leresolver:
    acme:
      email: '[email protected]'
      storage: '/acme.json'
      caServer: 'https://acme-v02.api.letsencrypt.org/directory'
      dnsChallenge:
        provider: 'cloudflare'
        delayBeforeCheck: '0'
        resolvers:
          - '1.1.1.1:53'
          - '1.0.0.1:53'
          - '8.8.8.8:53'

 

For more about dynamic configuration, see: Dynamic Configuration Files.