I'm using traefik in docker-mode. It's retrieving most config (acme.domains, enabled, frontend-rules,...) from the docker containers.
Currently all containers are reachable from the WWW (0.0.0.0). I'm wondering how to restrict the access to a single container to some dedicated ip-addresses.
The docker labels of the private web-service would look like:
labels:
- "traefik.enable=true"
- "traefik.backend='private container'"
- "traefik.whitelistSourceRange=192.168.1.0/24"
The whitelisted ip is in this case of course just an example. This could be any private ip-subnet.
Maybe it's possible to set a frontend-rule which bases on "client.ip"?
Thanks for your help!
