---
***[This is part of my series on building the next v4v.app (v2)](https://peakd.com/created/v4vapp-v2)***

***This is a value for value post: see the explanation in the footer.***

---

<div class="pull-right">


![image.png](https://files.peakd.com/file/peakd-hive/brianoflondon/AJoGgTbsfB2Y8BtKmZMKS4foerQeQpJgnWGXXXJcsvyHdhCXLHpbtMtrZGNLbhv.png)


</div>

## Traefik is a reverse proxy

If you've been around on the internet a while maybe you've heard of the word proxy[^1]. But what you need when running servers is a "reverse proxy". This is a server whose job is to send work to other servers.

>A reverse proxy is a type of proxy server that sits between a client and one or more servers, acting as an intermediary on behalf of the server or servers. Unlike a traditional forward proxy, which is used by clients to access resources on the internet, a reverse proxy is used by servers to handle incoming requests from clients.

In order for my new website to work, I need to put it on a server and I need to configure software called Traefik to do it.

I have a love hate relationship with Traefik. I started using it almost two years ago after watching a video on YouTube. I followed that precisely and got it working but later realised I had very little clue how it works.

So now I've gone back in and learned how to do a basic configuration from first principals.

### HTTPS SSL Certificates

There's another reason we use a reverse proxy: SSL certificates and HTTPS. Traefik handles this.

## Learn from my code

I'm not going to explain absolueverything, the code is on Github and I'm happy to help if there's something you don't understand.

[https://github.com/brianoflondon/v4vapp-frontend-v2-traefik](https://github.com/brianoflondon/v4vapp-frontend-v2-traefik)

### Two Docker Containers

Half the magic happens in the [`docker-compose.yaml`](https://github.com/brianoflondon/v4vapp-frontend-v2-traefik/blob/4d29ed540afa17241793c8167effc3523b61baa7/docker-compose.yaml	) file:

```
services:
  traefik:
    image: "traefik:latest"
    container_name: "traefik-p51"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./traefik:/etc/traefik
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - traefik-ssl-certs:/ssl-certs
    networks:
      - traefik-public-p51
    env_file:
      - .env
    restart: unless-stopped

  dev-frontend:
    container_name: dev-frontend
    image: brianoflondon/v4vapp-frontend-v2:develop
    restart: always
    labels:
      # Enable Traefik for this specific "api" service
      - traefik.enable=true
    networks:
      - traefik-public-p51
```

This fetches two containers: `traefik` (the reverse proxy software) and my own `v4vapp-frontend-v2` which I wrote about creating yesterday. 

I haven't yet written up how the project I posted about yesterday gets to Docker's Hub (it's via something called Github Actions) but that will be covered soon.

Important points to note is that both these containers are in the same network (`traefik-public-p51`).

The second file is the [`traefik.yaml`](https://github.com/brianoflondon/v4vapp-frontend-v2-traefik/blob/1adb4efa61a545d6d62c15fff6d1b17cacc38403/traefik/traefik.yaml)

It actually is possible to do all this in one `docker-compose.yaml` file but I find this to be unwieldy. If I have a complaint about Traefik it's that because it offers a range of different ways to configure itself, it becomes very hard to know what to do.

#### SSL with Cloudflare

I'll just point out this part which is responsible for generating SSL certificates in conjunction with being able to alter Cloudflare's DNS settings. There's a .env file in the folder which holds an API key from Cloudflare. On Github there's a .env.sample file with some instructions.

```
# These resolvers use Cloudflare DNS API instead of web challenge
certificatesResolvers:
  cloudflare-production:
    acme:
      email: ssl@v4v.app
      storage: /ssl-certs/acme.json
      caServer: "https://acme-v02.api.letsencrypt.org/directory"
      dnsChallenge:
        provider: cloudflare
```

Hopefully this very simple configuration will give you some ideas how to use it yourself.

## I'm using Cloudflare

One thing to note is that I'm using Cloudflare. This allows me to redirect traffic from Cloudflare into my reverse proxy which can be running anywhere and also handles DNS challenges for the SSL certs. I will eventually be running this on a @privex server but just for now it is running on an old laptop I have at home.

Just by redirecting the DNS entry [2.v4v.app](2.v4v.app) will go wherever I want, and right now it will come to my home. In addition Cloudflare will not reveal my home IP address.


[^1]:In computer terms, a proxy refers to a server or software application that acts as an intermediary between a client device and another server or service on the internet. The proxy server essentially makes requests on behalf of the client, which allows the client to access resources on the internet indirectly without revealing its own IP address or other identifying information. 
Proxies can be used for various purposes, such as to improve network performance, filter content, or enhance security. For example, a proxy server can be used to cache frequently requested web pages and serve them to clients from the cache instead of retrieving them from the original web server each time, which can reduce network traffic and improve response times. 
Proxies can also be used to filter out unwanted content or restrict access to certain websites or services based on predefined rules. In addition, proxies can be used to enhance security by masking the client's IP address and encrypting traffic between the client and the proxy server, which can help protect against network-based attacks and surveillance.

-------

## Value for Value

For the last few months while building @v4vapp I was generously supported by the DHF. Going forward I have a much more modest support which covers direct server costs and a little of my time.

If you appreciate the work I do on and around Hive, you can express this directly: upvoting posts on Hive is great. Also consider a direct donation (there's a Tip button on Hive or a Lightning Address) on all my posts.

**[Support Proposal 244 on PeakD](https://peakd.com/me/proposals/244)
[Support Proposal 244 with Hivesigner](https://hivesigner.com/sign/update-proposal-votes?proposal_ids=%5B244%5D&approve=true)
[Support Proposal 244 on Ecency](https://ecency.com/proposals/244)
[Vote for Brianoflondon's Witness KeyChain or HiveSigner](https://vote.hive.uno/@brianoflondon)**

-------

<div class="pull-right">

![Send Lightning to Me!](https://files.peakd.com/file/peakd-hive/brianoflondon/AK3gcbmQA5oP28nnfgu5MiW8JCXw1XA6tYghwFWbSkPW2P6hXto5i7TDRTkPRVa.png)
</div>

- [Get Fountain for Podcasts and 3speak shows](https://fountain.fm/refer/brianoflondon-76b73a585e)
- [Find me on Telegram](https://t.me/brianoflondon)
- [V4VAPP Support on Telegram](https://t.me/v4vapp_support)
- [Vote for Brianoflondon's Witness KeyChain or HiveSigner](https://vote.hive.uno/@brianoflondon)
- [Vote for Brianoflondon's Witness direct with HiveSigner](https://hivesigner.com/sign/account-witness-vote?witness=brianoflondon&approve=1)
- [Find my videos on 3speak](https://3speak.online/user/brianoflondon)
- [Verify my ID and Send me a direct message on Keybase](https://keybase.io/brianoflondon)