Manage your Traefik configurations with ease and confidence
Why Traefikr • Screenshots • Getting Started • Features • Configuration
Managing Traefik configurations through YAML files can be challenging—tracking changes, validating syntax, and ensuring everything works correctly before deployment. Traefikr brings simplicity and confidence to Traefik management with an intuitive web interface that makes configuration feel effortless.
✨ Visual Configuration Management - No more wrestling with YAML syntax. Configure routers, services, and middlewares through beautiful, guided forms that validate your input in real-time.
🛡️ Built-in Safety - Every configuration is validated against Traefik v3.6 schemas before being saved. Catch errors before they affect your infrastructure.
⚡ Instant Updates - Changes sync with Traefik immediately. No manual reloads or restarts needed.
🎯 Organized Workspace - See all your configurations at a glance. Quickly find what you need with search and filtering.
🔐 Secure by Design - Enterprise-grade authentication, encrypted passwords, and API key management keep your infrastructure protected.
🚀 Lightweight & Fast - The entire application runs in a single ~40MB Docker container. Minimal resource usage, maximum performance.
Start with a secure login. On first launch, Traefikr generates a strong admin password for you.
Get a complete overview of your Traefik configuration at a glance. Monitor routers, services, and middlewares all in one place.
Create and manage HTTP, TCP, and UDP routers with ease. Visual forms guide you through every option with helpful descriptions.
Intelligent forms with real-time validation make configuration effortless. Every field includes helpful descriptions, and the interface guides you through complex options with ease. No more guessing or checking documentation!
Configure load balancers and upstream services effortlessly. Add servers, adjust weights, and configure health checks—all without touching a config file.
Set up authentication, rate limiting, headers, and more. Traefikr supports all Traefik middleware types with schema-validated forms.
Manage API keys for Traefik to pull configurations. Create, view, and revoke keys with a single click.
Keep your account secure by changing your password anytime from the user menu.
Get Traefikr running in just a few steps:
Option 1: Using Pre-built Image (Recommended)
# Pull the latest image
docker pull ghcr.io/allfro/traefikr:latest
# Run with docker-compose (uses pre-built image)
docker-compose up -dOption 2: Build from Source
-
Clone and start:
git clone https://github.com/allfro/traefikr.git cd traefikr docker-compose build docker-compose up -d -
Get your admin password:
docker-compose logs traefikr | grep "Password:"
You'll see something like:
Password: jSmiVnQZ5LL0m-8xSave this password! It's shown only once.
-
Open Traefikr:
- Navigate to
http://traefikr.localhost - Login with username
adminand your generated password - Note: Add
127.0.0.1 traefikr.localhostto/etc/hosts(Linux/Mac) orC:\Windows\System32\drivers\etc\hosts(Windows) if needed
- Navigate to
-
Start managing your Traefik!
That's it! You're ready to create routers, services, and middlewares through the beautiful web interface.
- Docker & Docker Compose - That's all! Everything else is included.
- Optional: Traefik v3.6 if you want to test with a real proxy
Traefikr gives you full control over your Traefik configuration:
- Routers (HTTP, TCP, UDP) - Route traffic based on hostnames, paths, SNI, and more
- Services (HTTP, TCP, UDP) - Configure load balancers and upstream servers
- Middlewares (HTTP, TCP) - Add authentication, rate limiting, headers, compression, and more
- TLS - Manage certificates and TLS options
- Server Transports - Configure how Traefik communicates with backends
Forget memorizing configuration options:
- Schema-driven forms automatically show all available options for each resource type
- Real-time validation catches errors as you type
- Helpful descriptions explain what each option does
- Intelligent field types - dropdowns for enums, toggles for booleans, structured inputs for complex objects
Two layers of security protect your infrastructure:
- User authentication with JWT tokens for web access
- API key authentication for Traefik to poll configurations
- Password security with bcrypt hashing (never stored in plain text)
- Password management - change your password anytime from the UI
- Auto-generated credentials on first launch for immediate security
Changes appear instantly:
- Traefik polls Traefikr every 5 seconds for updates
- No manual configuration reloads needed
- See your changes take effect immediately
- Toggle resources on/off without deleting them
Traefikr is designed to be reliable and secure:
- Minimal footprint - ~40MB Docker image from scratch
- No dependencies - Fully static binary with embedded frontend
- SQLite persistence - All configurations stored reliably
- CORS protection and secure headers
- Battle-tested Go backend with comprehensive validation
Tell Traefik where to find Traefikr by adding this to your Traefik static configuration:
# traefik.yml
providers:
http:
endpoint: "http://backend:8080/api/config"
pollInterval: "5s"If you've created API keys in Traefikr (Settings page), add authentication:
# traefik.yml
providers:
http:
endpoint: "http://backend:8080/api/config"
headers:
x-traefikr-key: "your-api-key-here"
pollInterval: "5s"Customize Traefikr's behavior with these environment variables:
TRAEFIKR_DB_PATH- Where to store the database (default:/data/traefikr.db)TRAEFIK_API_URL- Traefik API endpoint for fetching entrypoints and resources (default:http://traefik)GIN_MODE- Gin framework mode, set toreleasefor production (default:debug)
Configure these when your Traefik API is protected with authentication:
Basic Authentication:
TRAEFIK_BASIC_AUTH_USERNAME- Username for Traefik API basic authTRAEFIK_BASIC_AUTH_PASSWORD- Password for Traefik API basic auth
API Key Authentication:
TRAEFIK_API_KEY_HEADER- Custom header name for API key (e.g.,X-API-Key)TRAEFIK_API_KEY_SECRET- API key value
Note: If TRAEFIK_BASIC_AUTH_USERNAME is set, basic auth will be used. Otherwise, if TRAEFIK_API_KEY_HEADER is
set, API key authentication will be used. If neither is configured, requests to Traefik API will be unauthenticated.
Traefikr acts as a central configuration hub for Traefik:
┌─────────────┐ ┌──────────────┐ ┌─────────────┐
│ Traefik │─────>│ Traefikr │<─────│ You │
│ (Proxy) │ │ (Provider) │ │ (Browser) │
└─────────────┘ └──────────────┘ └─────────────┘
│ │
│ │
│ └──── Stores in SQLite
└──── Polls for configs (every 5s)
- You configure routers, services, and middlewares through the web UI
- Traefikr validates and stores your configurations in SQLite
- Traefik polls Traefikr every 5 seconds to check for updates
- Changes apply automatically without restarts
It's that simple!
Traefikr provides a complete REST API for automation:
# Login to get a JWT token
curl -X POST http://localhost:8080/api/auth/login \
-H "Content-Type: application/json" \
-d '{"username": "admin", "password": "your-password"}'# Create an HTTP router
curl -X POST http://localhost:8080/api/http/routers \
-H "Authorization: Bearer $JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "my-router",
"provider": "http",
"config": {
"rule": "Host(`example.com`)",
"service": "my-service@http",
"entryPoints": ["web"]
}
}'All resources follow the same intuitive pattern:
GET /api/{protocol}/{type} # List all
GET /api/{protocol}/{type}/{name@provider} # Get one
POST /api/{protocol}/{type} # Create
PUT /api/{protocol}/{type}/{name@provider} # Update
DELETE /api/{protocol}/{type}/{name@provider} # Delete
Protocols: http, tcp, udp
Types: routers, services, middlewares, serversTransport, tls
Full API documentation available in openapi.json.
Want to contribute or customize Traefikr? We've made it easy!
cd backend
go mod download
DB_PATH=./traefikr.db PORT=8080 go run main.gocd frontend
npm install
npm run devdocker-compose buildSee CLAUDE.md for detailed technical documentation.
Pre-built Docker images are automatically published to GitHub Container Registry on every push to main and on version tags.
# Latest stable version (main branch)
ghcr.io/allfro/traefikr:latest
# Specific version tag
ghcr.io/allfro/traefikr:v1.0.0
ghcr.io/allfro/traefikr:v1.0
ghcr.io/allfro/traefikr:v1
# Commit-based tag (for testing specific commits)
ghcr.io/allfro/traefikr:main-abc1234Images are built for multiple platforms:
linux/amd64(x86_64)linux/arm64(ARM 64-bit, e.g., Raspberry Pi 4, Apple Silicon)
We're constantly improving Traefikr. Here's what's coming:
- Multi-user management with role-based access
- Configuration import/export (backup & restore)
- Configuration templates for common setups
- Multi-instance Traefik support
- Monitoring dashboard with metrics
- Audit logging for compliance
- Dark mode (because why not?)
Having trouble? We're here to help!
- Documentation: Check CLAUDE.md for technical details
- Issues: Report bugs on GitHub Issues
- Discussions: Ask questions in GitHub Discussions
We love contributions! Whether it's:
- 🐛 Bug reports
- 💡 Feature suggestions
- 📝 Documentation improvements
- 🔧 Code contributions
Feel free to open an issue or submit a pull request on GitHub.
Traefikr is open source software licensed under the MIT License. Use it, modify it, share it!
Built with amazing open source tools:
- Traefik - The incredible reverse proxy that makes all this possible
- Mantine - Beautiful React components that make the UI shine
- Gin - Fast and elegant Go web framework
- SQLite - Reliable, embedded database
Ready to simplify your Traefik management?
docker-compose up -d and you're on your way!
Made with ❤️ for the Traefik community
