Techno Tim | SSL, Traefik, and OAuth for Rancher! (Google, GitHub, Keycloak, Azure, and more!) @TechnoTim | Uploaded September 2020 | Updated October 2024, 4 hours ago.
Do you want to self host your Rancher UI securely in your homelab? Have you thought about putting your Rancher UI behind Traefik and your reverse proxy to get free SSL certificates using Let's Encrypt? Do you want to make your Rancher UI available publicly and secure it using 3rd party OAuth providers like Google, GitHub, Keycloak, Okta, Shibboleth, and more? Well this is the guide for you. In this step-by-step tutorial we'll walk through setting up the Rancher UI to use Traefik reverse proxy, get SSL certificates using Let's Encrypt, host our UI publicly, and then add 3rd party OAuth providers so that we can use 2 factor authentication (2FA) and all of the other security features auth providers give us.
Video Notes: https://technotim.live/posts/host-rancher-securely/
Support me on Patreon: patreon.com/technotim
Sponsor me on GitHub: github.com/sponsors/timothystewart6
Subscribe on Twitch: twitch.tv/technotim
Become a YouTube member: youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A/join
Merch Shop: https://l.technotim.live/shop
Gear Recommendations: https://l.technotim.live/gear
Get Help in Our Discord Community: https://l.technotim.live/discord
2nd channel: youtube.com/@TechnoTimTalks
(Affiliate links may be included in this description. I may receive a small commission at no cost to you.) Tim Kits:
► 4K YouTube Kit - kit.co/TechnoTim/4k-youtube-kit
► Pro Level Live Streaming Kit - kit.co/TechnoTim/pro-level-live-streaming-kit
► Budget Gaming Streaming PC 2020- kit.co/TechnoTim/budget-gaming-streaming-pc-2020
► Performance Virtualization Server- kit.co/TechnoTim/performance-virtualization-nas-server
► Budget NAS Server- kit.co/TechnoTim/budget-nas-server
► Coding & Gaming Keyboards- kit.co/TechnoTim/coding-gaming-keyboards
► Coding & Gaming Mice- kit.co/TechnoTim/coding-gaming-mice
00:00 - What are the challenges we're currently facing?
00:33 - How did we get here?
00:55 - Why would we want to host it publicly?
01:35 - Which ports did we use?
01:49 - What are we going to do today?
02:04 - Let's get started
02:25 - Create a kubernetes service for our Rancher UI
03:02 - A few things we need to do before our k8s Load Balancer
03:13 - Create a public DNS record
03:37 - Secure our admin account
04:21 - Remove old admin account
05:00 - Create HOST entry or local DNS entry
05:31 - Configure Traefik
06:05 - Rancher self-signed certificate fix
06:50 - Create k8s Load Balancer
07:40 - IMPORTANT - Create a k8s annotation
08:24 - We now have a certificate from Let's Encrypt and Rancher service is public
09:02 - Configure third party authentication providers
09:46 - Configure our new OAth application
10:31 - Authenticate, approve our new application, and sign in
10:57 - Why did we do this?
11:32 - What do you think about configuring our Rancher UI with SSL and 3rd party auth?
12:04 - Stream Highlight - What are good specs for my Homelab server?
Previous video - youtube.com/watch?v=pAM2GBCDGTo
⏯ Recommended Videos ⏯
► 20 Ways to Use a Virtual Machine (and other ideas for your homelab) youtube.com/watch?v=SVQmzaSabEQ
► Remote Gaming with Promox youtube.com/watch?v=fgx3NMk6F54
► Techno Tim Homelab Tour -- Server Rack and Network youtube.com/watch?v=23jbcw_n20I
► Homelab Services Tour -- What am I running on my Homelab? youtube.com/watch?v=NHvoN-phAgo
► Let's Build a Discord Bot Using DiscordJS - Moderator Bot youtube.com/watch?v=YSZcyz2-twQ
#Homelab #Rancher #SelfHosted #Docker #Plex #Kubernetes #TechnoTim #Proxmox #Virtualization
Thank you for watching!
Do you want to self host your Rancher UI securely in your homelab? Have you thought about putting your Rancher UI behind Traefik and your reverse proxy to get free SSL certificates using Let's Encrypt? Do you want to make your Rancher UI available publicly and secure it using 3rd party OAuth providers like Google, GitHub, Keycloak, Okta, Shibboleth, and more? Well this is the guide for you. In this step-by-step tutorial we'll walk through setting up the Rancher UI to use Traefik reverse proxy, get SSL certificates using Let's Encrypt, host our UI publicly, and then add 3rd party OAuth providers so that we can use 2 factor authentication (2FA) and all of the other security features auth providers give us.
Video Notes: https://technotim.live/posts/host-rancher-securely/
Support me on Patreon: patreon.com/technotim
Sponsor me on GitHub: github.com/sponsors/timothystewart6
Subscribe on Twitch: twitch.tv/technotim
Become a YouTube member: youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A/join
Merch Shop: https://l.technotim.live/shop
Gear Recommendations: https://l.technotim.live/gear
Get Help in Our Discord Community: https://l.technotim.live/discord
2nd channel: youtube.com/@TechnoTimTalks
(Affiliate links may be included in this description. I may receive a small commission at no cost to you.) Tim Kits:
► 4K YouTube Kit - kit.co/TechnoTim/4k-youtube-kit
► Pro Level Live Streaming Kit - kit.co/TechnoTim/pro-level-live-streaming-kit
► Budget Gaming Streaming PC 2020- kit.co/TechnoTim/budget-gaming-streaming-pc-2020
► Performance Virtualization Server- kit.co/TechnoTim/performance-virtualization-nas-server
► Budget NAS Server- kit.co/TechnoTim/budget-nas-server
► Coding & Gaming Keyboards- kit.co/TechnoTim/coding-gaming-keyboards
► Coding & Gaming Mice- kit.co/TechnoTim/coding-gaming-mice
00:00 - What are the challenges we're currently facing?
00:33 - How did we get here?
00:55 - Why would we want to host it publicly?
01:35 - Which ports did we use?
01:49 - What are we going to do today?
02:04 - Let's get started
02:25 - Create a kubernetes service for our Rancher UI
03:02 - A few things we need to do before our k8s Load Balancer
03:13 - Create a public DNS record
03:37 - Secure our admin account
04:21 - Remove old admin account
05:00 - Create HOST entry or local DNS entry
05:31 - Configure Traefik
06:05 - Rancher self-signed certificate fix
06:50 - Create k8s Load Balancer
07:40 - IMPORTANT - Create a k8s annotation
08:24 - We now have a certificate from Let's Encrypt and Rancher service is public
09:02 - Configure third party authentication providers
09:46 - Configure our new OAth application
10:31 - Authenticate, approve our new application, and sign in
10:57 - Why did we do this?
11:32 - What do you think about configuring our Rancher UI with SSL and 3rd party auth?
12:04 - Stream Highlight - What are good specs for my Homelab server?
Previous video - youtube.com/watch?v=pAM2GBCDGTo
⏯ Recommended Videos ⏯
► 20 Ways to Use a Virtual Machine (and other ideas for your homelab) youtube.com/watch?v=SVQmzaSabEQ
► Remote Gaming with Promox youtube.com/watch?v=fgx3NMk6F54
► Techno Tim Homelab Tour -- Server Rack and Network youtube.com/watch?v=23jbcw_n20I
► Homelab Services Tour -- What am I running on my Homelab? youtube.com/watch?v=NHvoN-phAgo
► Let's Build a Discord Bot Using DiscordJS - Moderator Bot youtube.com/watch?v=YSZcyz2-twQ
#Homelab #Rancher #SelfHosted #Docker #Plex #Kubernetes #TechnoTim #Proxmox #Virtualization
Thank you for watching!
