Hello, I've been trying to set up a pypiserver wrapped with Traefik using the following docker-compose.yml.
version: '3.3'
services:
pypiserver:
image: pypiserver/pypiserver:v1.4.2
volumes:
- ./packages:/data/packages
- ./.htpasswd:/data/.htpasswd
- ./cert:/cert
command: -P /data/.htpasswd -p 443 -a update /data/packages
expose:
- "443"
labels:
# Expose container to Traefik
- "traefik.enable=true"
# Configure the route
- "traefik.http.routers.flask.rule=Host(`pip.kairospower.com`)"
- "traefik.http.routers.flask.entrypoints=websecure"
- "traefik.http.routers.flask.tls=true"
- "traefik.http.routers.flask.tls.certresolver=leresolver"
restart: always
traefik:
image: traefik:v2.1
ports:
- "80:80"
- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik:/etc/traefik:ro"
- "./traefik/acme:/etc/traefik/acme"
- ./cert:/cert
command:
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--api.dashboard=true"
- "--certificatesresolvers.leresolver.acme.email=herter@kairospower.com"
- "--certificatesresolvers.leresolver.acme.storage=/etc/traefik/acme/acme.json"
- "--certificatesresolvers.leresolver.acme.httpChallenge=true"
- "--certificatesresolvers.leresolver.acme.httpChallenge.entrypoint=web"
labels:
# Expose container to Traefik
- "traefik.enable=true"
# Dashboard
- "traefik.http.routers.traefik.rule=Host(`pip.kairospower.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.traefik.tls.certresolver=leresolver"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=authtraefik"
# Global redirect to HTTPS
- "traefik.http.routers.http-catchall.rule=hostregexp(`{pypiserver:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# Middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
restart: always
In addition to that, my traefik.toml is as follows.
[providers.file]
directory = "/cert/"
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "/cert/pip.kairospower.com.cert"
keyFile = "/cert/pip.kairospower.com.key"
With this setup, the only message that I receive is the following with no errors reported.
level=info msg="Configuration loaded from file: /etc/traefik/traefik.toml"
The behavior I'm seeing is that I can reach the pypiserver when the cert and key aren't present, but once they are in place, I get a 404 no matter what. It has to be something simple, so what am I missing?