Linux
Install and configure Traefik Hub API Gateway.
Before You Begin
It is recommended that you have a basic understanding of Systemd. You should have access to a working virtual machine/host, either on a cloud provider or on your own infrastructure.
Please make sure that you have the following:
- systemd
- Traefik Hub binary
- Checked the documentation about networking details to make sure that the Traefik Hub API Gateway can communicate with Traefik Hub to validate the token.
To install Traefik Hub API Gateway, copy and paste the following instructions in /etc/systemd/system/traefik-hub.service. This will install Traefik Hub API Gateway.
Traefik Hub binary can be downloaded on https://github.com/traefik/hub/releases
Install Traefik Hub API Gateway
[Unit]
Description=Traefik Hub
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
[Service]
Restart=on-abnormal
User=traefik-hub
Group=traefik-hub
ExecStart=/usr/local/bin/traefik-hub --configfile=/etc/traefik-hub/traefik-hub.toml
; Use private /tmp and /var/tmp, which are discarded after traefik stops.
PrivateTmp=true
; Hide /home, /root, and /run/user. Nobody may have access to SSH-keys.
ProtectHome=true
; Make /usr, /boot, /etc and possibly some more folders read-only.
ProtectSystem=full
; The following additional security directives only work with systemd v229 or later.
; They further restrict privileges that can be gained by traefik. Uncomment if you like.
; Note that you may have to add capabilities required by any plugins in use.
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
Traefik Hub API Gateway config file
[hub]
token = "YOUR-TRAEFIK-HUB-TOKEN"
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[log]
level = "INFO"
filePath = "/var/log/traefik-hub.log"
# Enable API and dashboard
[api]
# Enable ping
[ping]
YOUR-TRAEFIK-HUB-TOKEN: Your token provided by Traefik Labs
Reload Daemon:
sudo systemctl daemon-reload
Enable Service:
sudo systemctl enable my-service
Start Service:
sudo systemctl start my-service
Check Status:
sudo systemctl status my-service