Recently, we've been running into a weird problem. After restarting 2 nodes in our Nomad cluster, we could not properly access GitLab via SSH anymore. Web access was working fine, also cloning via https:// worked, but not via SSH which is what most of our developers use by default.
A while ago when importing a staging dump to reproduce an issue locally in one of our Magento projects, I hit an "ERR_TOO_MANY_REDIRECTS" error. Magento kept redirecting me with a HTTP 302 response code.
Sometimes, mostly for smaller customers, we deploy staging and production environments on the same machine. Not an ideal setup, but doable. Thanks to Docker the different instances can live in isolation, except of course when one instance takes the server down, the other instance is also affected.
For a long time, we've been successfully using Apache and mod_authnz_ldap to secure some of our legacy applications. Our employees could easily log in via their LDAP credentials. And while it worked, it had its problems.
When we made the move to Office 365, it was clear that at some point our old LDAP infrastructure will be fully replaced with Azure Active Directory (AAD) but I haven't had a good replacement for our simple mod_authnz_ldap solution until I realized that Traefik EE comes with an OIDC middleware.
Back in 2020 I published our customized Magento development setup with Mark Shust's Docker Configuration for Magento and Traefik version 1. Since Traefik version 2 is now out for a while, I decided to upgrade our setup. This blogpost covers the different steps I took.
Whilst preparing and testing our Docusarus instance, I realized that the RSS feed URL used by our old blog system did not work anymore because Docusaurus generates the content in a different way.
Besides being big fans of Mark Shust's Docker Configuration for Magento project as I already blogged about, we also love Traefik, the Cloud Native Edge Router. I discovered Traefik years ago and try to use it wherever we can. Depending on the project's goals we either use the open-source version or the enterprise edition. Disclaimer: I am Traefik Ambassador, so I might be a bit biased :)
In one of our projects we use Traefik as a reverse proxy together with nginx and gunicorn to run a Django app in a docker-based environment. When deployed to production, we wanted to make the Traefik UI accessible for the customer, but keep it secure from unwanted visitors. Fortunately, Traefik offers a very simple yet powerful configuration option, which we enabled in a traefik.toml configuration file:
A few months back I was looking for an HTTP reverse proxy and load balancer to put in front of our Docker setup. By accident I came across traefik. I deployed it on one of our internal servers and it worked out-of-the box. Recently we configured a Docker setup for one of our clients and I picked traefik again. Since this setup will host some public instances the customer demanded SSL encryption. Luckily traefik comes with support for Let's Encrypt built in. I added the needed configuration to the traefik configuration file: