This homework provides details and required code to deploy Traefik/whoami service using Docker, Traefik as a reverse proxy, and Cloudflare for DNS and SSL, all set up under a custom domain.
I've selected following tools:
- Docker & docker-compose: Core container management tools, providing isolated environments and simplifying multi-container setups for easy deployment and scalability.
- Traefik: Chosen for its flexibility, certificate resolver integration (Cloudlfare in this case), and real-time dashboard for service monitoring. Though Caddy uses ~40% less memory, Traefik’s features and ecosystem support make it a better fit for this setup.
- Cloudflare: A top-tier CDN and security provider, offering DDoS protection, SSL/TLS management, and performance optimization through edge caching, ensuring security and speed for the application.
Preconditions
- Docker & docker-compose is installed
In order to run this project, please follow instructions:
- Clone project (
git clone git@github.com:ervuks/wandoo-homework.git
) - Create
acme.json
file with correct permissions (pushd traefik/data && touch acme.json && chmod 0600 acme.json && popd
) - Copy
.env.example
as.env
and specify required variables - Either run
./start_compose.sh
ordocker-compose up -d
to start services
Variable explanation:
Variable | Description | Example |
---|---|---|
TRAEFIK_DASHBOARD_USER |
The username for accessing the Traefik dashboard. | admin |
TRAEFIK_DASHBOARD_PASSWORD |
The password for accessing the Traefik dashboard. Usually a hashed value for security. | hashed-password |
CF_DNS_API_TOKEN |
API token for interacting with Cloudflare DNS to manage DNS records programmatically. | your-cloudflare-api-token |
TRAEFIK_DASHBOARD_DOMAIN |
The domain or subdomain where the Traefik dashboard will be accessible. | dashboard.example.com |
DOMAIN |
The primary domain for setting up reverse proxy and other services. | example.com |
In order to verify home work correctness, use curl
to obtain JSON respose and filter out host IP address:
curl "https://wandoo.mavier.lv/api" | jq '.headers."Cf-Connecting-Ip"'
-
What is the most interesting project you have been working on? What made it so interesting?
A: I belieive for me it was how I created The Shifting Grid. This project involved building a highly dynamic system that integrates real-time data processing and cryptocurrency trading, tackling challenges like fluctuating APIs and rapid market changes. A highlight of the project was my contribution to PyBit (ByBit's official Python API), where I implemented a latest API - Check Pull request here - which is now part of the official API. What made this project truly exciting was the complexity involved. I designed an infrastructure where each user gets their own subdomain, and automated the entire build, deploy, and user management processes. -
What made you interested in specifically DevOps field from all other options in IT?
A: Automation has played a significant role in both my professional and personal life over the last 10 years. As a Quality Assurance engineer, I’ve always been drawn to scripting—whether it’s automating repetitive tasks, web scraping, or setting up home automation systems with HomeAssistant. I’ve also frequently worked with CI/CD tools like Jenkins, GitHub Actions, and GitLab, which introduced me to the importance of building efficient pipelines and workflows. With the growing significance of containers in modern development, I became fascinated by the challenge of streamlining container deployment, monitoring, and maintenance. The ability to deliver software faster and more reliably by creating automated, optimized processes is something I find deeply rewarding. The DevOps field perfectly aligns with my passion for automation and my drive to deliver high-quality software. It merges my interest in automation with the bigger picture of delivering exceptional software. -
What is your stand on security?
A: I believe data is one of the most valuable assets in the world today—whoever controls the data, controls the narrative. With over 24 billion passwords exposed by hackers in 2022 alone (Digital Shadows, 2022), it’s clear that security is a critical issue, and the trend is still rising. That’s why I believe it’s crucial for the IT field to prioritize security on behalf of users, who often lack the expertise to fully protect themselves. As the Co-founder of Password.ly, I’ve been actively involved in educating people about the importance of password security and offering innovative solutions on how to store and manage passwords safely. The same principles apply on a larger scale in software development—whether it’s securing code, ensuring secure deployment, or protecting the environments where we deploy. In summary, I see data protection as a fundamental responsibility in tech, even if it’s not always top of mind. By incorporating security into every aspect of development and operations, we can help ensure that technology serves and protects users more effectively.