I can ping the server, and an nslookup resolves to the server IP correctly, but whenever I try to connect from outside my network (over another wifi or 4G) the URL just gives a timeout. I checked the DNS propagation and it is fine; I have domain and CNAME records on Cloudflare for the subdomains, and the ports are forwarded on the router. I can't find what's wrong with it.
This is my stack/compose:
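# Compose stack that runs Traefik as the reverse proxy on the external
# `proxy` network. Nesting is restored here; the paste had lost all indentation.
version: '3'

services:
  traefik:
    # NOTE(review): `latest` is unpinned, so a re-pull can silently move to a
    # new major release with different option names. Pin a tag you have tested.
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      # Quoted so that no YAML parser can read host:container as a number.
      - "80:80"
      - "443:443"
    environment:
      - CF_API_EMAIL=*************
      # - CF_DNS_API_TOKEN=YOU_API_TOKEN
      - CF_API_KEY=**********
      # be sure to use the correct one depending on if you are using a token or key
      # NOTE(review): CF_API_KEY + CF_API_EMAIL is the account-wide global key.
      # A token scoped to DNS edits on this one zone (CF_DNS_API_TOKEN) limits
      # what a leak of this file or of the container environment exposes.
    volumes:
      - /etc/localtime:/etc/localtime:ro
      # NOTE(review): `:ro` only protects the socket file itself; the Docker
      # API behind it still accepts every call, so a compromised Traefik has
      # control of the Docker daemon. A filtering socket proxy narrows this.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /home/pi/traefik/data/traefik.yml:/traefik.yml:ro
      # Certificate store (holds private keys); must be writable by Traefik.
      # Keep the host file at mode 600.
      - /home/pi/traefik/data/acme.json:/acme.json
      - /home/pi/traefik/data/config.yml:/config.yml:ro
    labels:
      - "traefik.enable=true"
      # Plain-HTTP router for the dashboard host: only redirects to HTTPS.
      - "traefik.http.routers.traefik.entrypoints=http"
      # Host() takes a backtick-quoted name; the paste had dropped the
      # backticks and split the rule over two lines.
      - "traefik.http.routers.traefik.rule=Host(`**.*******.xyz`)"
      # Value redacted in the post. It must be a user:hash pair, and every `$`
      # in the hash has to be written `$$` inside a compose file.
      - "traefik.http.middlewares.traefik-auth.basicauth.users=:"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      # Defined here but not attached to any router in this file.
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      # HTTPS router: the dashboard/API (api@internal) behind basic auth.
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`**.*******.xyz`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=***"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=.******"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    # Created outside this stack; it must already exist.
    external: true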
Here is my config.yml
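# Traefik dynamic configuration (file provider): routers, backend services and
# middlewares for hosts that are not Docker containers. Nesting is restored
# here; the paste had fused several keys onto single lines.
http:
  #region routers
  routers:
    # NOTE(review): neither router below attaches an authentication
    # middleware (`authelia`, `secured`), so both backends are reachable by
    # anyone who can reach port 443 and rely on their own login only.
    pihole:
      entryPoints:
        - "https"
      # Host() takes a backtick-quoted name; the paste had dropped the
      # backticks and split the rule over two lines.
      rule: "Host(`***.***.******.xyz`)"
      middlewares:
        - default-headers
        - addprefix-pihole
        - https-redirectscheme
      tls: {}
      service: pihole
    pstore:
      entryPoints:
        - "https"
      rule: "Host(`***.***.******.xyz`)"
      middlewares:
        - default-headers
        - https-redirectscheme
      tls: {}
      service: pstore

  services:
    # Both backends are plain HTTP on the LAN host 192.168.1.20.
    pihole:
      loadBalancer:
        servers:
          - url: "http://192.168.1.20:8070"
        passHostHeader: true
    pstore:
      loadBalancer:
        servers:
          - url: "http://192.168.1.20:8081"
        passHostHeader: true

  middlewares:
    # Prepends /admin to every request path sent to the Pi-hole backend.
    addprefix-pihole:
      addPrefix:
        prefix: "/admin"

    https-redirectscheme:
      redirectScheme:
        scheme: https
        permanent: true

    # Forward-auth to Authelia. Defined, but no router in this file uses it.
    authelia:
      forwardAuth:
        address: "http://authelia:9091/api/verify?rd=https://***.***.******.xyz"

    # Response-hardening headers shared by both routers.
    # NOTE(review): the image is pulled as `latest`, so check `sslRedirect`
    # (here) and `ipWhiteList` (below) against the docs of the release that is
    # actually running; option names differ between major versions.
    default-headers:
      headers:
        frameDeny: true
        sslRedirect: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        # 15552000 s = 180 days
        stsSeconds: 15552000
        customFrameOptionsValue: SAMEORIGIN
        customRequestHeaders:
          X-Forwarded-Proto: https

    # Allow-list of the private (RFC 1918) ranges.
    default-whitelist:
      ipWhiteList:
        sourceRange:
          - "10.0.0.0/8"
          - "192.168.0.0/16"
          - "172.16.0.0/12"

    # Chain intended for protected routes. The allow-list entry is commented
    # out, so the chain currently applies the headers only, and no router in
    # this file references it.
    secured:
      chain:
        middlewares:
          # - default-whitelist
          - default-headers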
And here is my traefik.yml
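# Traefik static configuration: API/dashboard, entrypoints, providers and the
# ACME resolver. Nesting is restored here; the paste had lost all indentation.
api:
  dashboard: true
  # NOTE(review): `debug: true` adds debugging/profiling endpoints to the API.
  # Turn it off once troubleshooting is done; this host is Internet-facing.
  debug: true

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"

serversTransport:
  # NOTE(review): disables certificate verification for every HTTPS backend,
  # so Traefik cannot detect a spoofed upstream. Both backends in config.yml
  # use http:// URLs, so this may not be needed at all; confirm and remove.
  insecureSkipVerify: true

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    # Containers are published only when they carry traefik.enable=true.
    exposedByDefault: false
  file:
    filename: /config.yml

certificatesResolvers:
  cloudflare:
    acme:
      # Redacted in the post. Quoted because a plain scalar that starts with
      # `*` is read by YAML as an alias and fails to parse.
      email: "*********"
      # Relative path; the compose file mounts the store at /acme.json.
      # Presumably this resolves there; confirm, or write the absolute path.
      storage: acme.json
      dnsChallenge:
        provider: cloudflare
        # DNS servers used to check that the challenge record has propagated.
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

log:
  # NOTE(review): debug logging is verbose; lower the level after diagnosis.
  level: debug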
Can anyone help please?