SSL, Traefik, and OAuth for Rancher! (Google, GitHub, Keycloak, Azure, and more!)

Do you want to self-host your Rancher UI securely in your homelab? Have you thought about putting your Rancher UI behind Traefik and your reverse proxy to get free SSL certificates using Let’s Encrypt? Do you want to make your Rancher UI available publicly and secure it using third-party OAuth providers like Google, GitHub, Keycloak, Okta, Shibboleth, and more? Well, this is the guide for you. In this step-by-step tutorial, we’ll walk through setting up the Rancher UI to use the Traefik reverse proxy, get SSL certificates using Let’s Encrypt, host our UI publicly, and then add third-party OAuth providers so that we can use two-factor authentication (2FA) and all of the other security features auth providers give us.

00:00 – What are the challenges we’re currently facing?
00:33 – How did we get here?
00:55 – Why would we want to host it publicly?
01:35 – Which ports did we use?
01:49 – What are we going to do today?
02:04 – Let’s get started
02:25 – Create a Kubernetes service for our Rancher UI
03:02 – A few things we need to do before our k8s Load Balancer
03:13 – Create a public DNS record
03:37 – Secure our admin account
04:21 – Remove old admin account
05:00 – Create HOST entry or local DNS entry
05:31 – Configure Traefik
06:05 – Rancher self-signed certificate fix
06:50 – Create k8s Load Balancer
07:40 – IMPORTANT – Create a k8s annotation
08:24 – We now have a certificate from Let’s Encrypt and Rancher service is public
09:02 – Configure third party authentication providers
09:46 – Configure our new OAuth application
10:31 – Authenticate, approve our new application, and sign in
10:57 – Why did we do this?
11:32 – What do you think about configuring our Rancher UI with SSL and 3rd party auth?
12:04 – Stream Highlight – What are good specs for my Homelab server?

21 thoughts on “SSL, Traefik, and OAuth for Rancher! (Google, GitHub, Keycloak, Azure, and more!)”

  1. Hey Techno Tim. Can you do a video on setting up a reverse proxy for Airsonic? Airsonic is a music server similar to Subsonic, but it requires a reverse proxy to access without VPN. Nginx is an option and there is a Docker image for it. Airsonic also has a Docker image. Any help would be appreciated because I've really been struggling with setting this up with Rancher. Thank you for all that you do.

  2. You really don't need to spend a whole lotta money on a used Dell server. I have an old Dell R-610 Enterprise class server, running Proxmox with CentOS 7 and 8. If I recall, I paid under $300.00 for it. And you can find 2.50 inch hard drives for it, getting cheaper all of the time.
     As long as you keep them under a 1 TB HD, you should be fine, while still getting 6TB worth of drive space.
     I get to play with far more powerful stuff at work, so my old Dell servers work just fine for me.
