Attempt to rewrite minimal Traefik example to use TLS does not work

uweschmitt · August 6, 2022, 2:58pm

(also posted at docker compose - Attempt to rewrite minimal Traefik example to use TLS does not work - Stack Overflow)

The minimal example from
https://doc.traefik.io/traefik/user-guides/docker-compose/basic-example/
works on my local machine. However, when I try to adapt this to use TLS I run into an issue. I'm a Traefik newbie, so I might be doing a stupid mistake.

This is my attempt:

version: "3.3"

services:

  traefik:
    image: "traefik:v2.8"
    container_name: "traefik"
    command:
      - "--log.level=DEBUG"
      - "--accesslog=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
    ports:
      - "443:443"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

  whoami:
    image: "traefik/whoami"
    container_name: "simple-service"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`127.0.0.1`)"
      - "traefik.http.routers.whoami.entrypoints=websecure"

So the major modification is to use "traefik.http.routers.whoami.entrypoints=websecure" instead of "traefik.http.routers.whoami.entrypoints=web"

Running

$ curl -k https://127.0.0.1

I get

404 page not found

The traefik log shows no routing related issues and the internal traefik setup for routing etc shown using curl https://127.0.0.1:8080/api/rawdata | jq . looks the same as the one of the working example, except the changed port.

swiver · August 7, 2022, 10:36pm

You must explicitly define a network for your docker containers, just add:

    networks:
      - rproxy

to both your traefik container and your whoami container

then define the network at the bottom of dockercompose.yml

networks:
  rproxy:
    name: rproxy
    external: true

cakiwi · August 7, 2022, 11:02pm

Without a network defined in the compose a project wide default network is created and all service are connected to it.

This looks really straight forward, it should be working as far as I can tell.

cakiwi · August 7, 2022, 11:19pm

TLS is not enabled on the entrypoint. So you can add that on the entrypoint OR on the router.

uweschmitt · August 8, 2022, 8:08am

Thanks! Setting TLS on the router fixed it. Setting the network did not fix it, also would have surprised me because the example without TLS worked.

system · August 11, 2022, 8:09am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Http is working - https is not Traefik v2 docker	7	3070	February 15, 2021
Requests with https lead to 404, traefik v2.10 and a simple docker-compose file Traefik v2 docker	3	480	November 21, 2023
Working example of traefikv2 setup with whoami and secure dashboard Traefik v2 docker	2	2425	August 13, 2021
Struggling w/ simplest of DNS01 challanages 'hello world' examples Traefik v3 (latest) cli	5	141	March 4, 2024
Traefik with Docker, shows 404 for HTTPS Traefik v3 (latest) docker	3	1039	June 7, 2024

Attempt to rewrite minimal Traefik example to use TLS does not work

Related topics