Coolify logoCoolify

Traefik Dashboard

By default, the Traefik dashboard is enabled in secure mode, but not configured to be accessible from the internet.

To enable access from the internet, you need to add a dynamic configuration and secure it with a username and password.

Secure mode (with Dynamic Configuration)

Tip

How to configure Traefik's dynamic configuration? Read more

CAUTION!

Enabling dashboard will also enable traeifk API which will sit on /api path, protected with this basicAuth. This is a conflict with Coolify's own api which also sits on /api and uses a Bearer token. If you enable the dashboard, you will be unable to use Coolify's API and will always get 401. Disabling dashboard will help you access the API again.

You can enable Traefik's dashboard by adding the following dynamic configuration:

http:
  middlewares:
    auth:
      basicAuth:
        users:
          - "<GENERATED_USERNAME>:<GENERATED_PASSWORD>"
    redirect-to-https:
      redirectScheme:
        scheme: https

  routers:
    dashboard-http:
      rule: Host(`<DOMAIN_FOR_TRAEFIK>`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
      entryPoints:
        - http
      service: api@internal
      middlewares:
        - redirect-to-https

    dashboard-https:
      rule: Host(`<DOMAIN_FOR_TRAEFIK>`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
      entryPoints:
        - https
      service: api@internal
      tls:
        certResolver: letsencrypt
      middlewares:
        - auth

Replace <DOMAIN_FOR_TRAEFIK>, <GENERATED_USERNAME>, and <GENERATED_PASSWORD> with your own values.

You can reach the dashboard by visiting https://<DOMAIN_FOR_TRAEFIK>/dashboard/#/.

How to generate user/password?

You can generate one with the htpasswd command:

htpasswd -nbB test test

Example output:

test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/

If you want to enable the dashboard in insecure mode (without a password), all you need to do is go to the proxy configurations view and change the insecure setting to true, then restart the proxy..

- '--api.insecure=true'

Custom SSL Certificates

Use custom SSL certificates with Traefik proxy in Coolify including self-signed certificates, Let's Encrypt, and public CA certificates configuration.

Custom Middlewares

Apply custom Traefik middlewares to Coolify applications and Docker Compose services for rate limiting, IP whitelisting, custom headers, and more.

On this page

Traefik DashboardSecure mode (with Dynamic Configuration)How to generate user/password?Insecure Mode (Not Recommended)