I have traefik (docker) running in my server using its own
docker-compose file where I also have a named
traefik network set as external for other container/services/app/etc.
Then I have many different applications running on that same server within their own
I'm using traefik labels and everything is working great. Namely my services/app are correctly reverse proxied to the outside world over the internet.
However I just noticed that I'm unable to actually access one service from another. I never had that use-case but it seems it was always like that..
For example I have a gitea and a gitlab server, both running from their own
docker-compose files.. And I'm trying to run a woodpecker CI server. But I noticed that the woodpecker server is unable to reach either the gitea or the gitlab server (using the domain name I have for them).
If I run the exact same woodpecker
docker-compose file on another machine, it's working. So really this seems related to the fact they are all in the same machine.
So I wonder what should I tweak to have services within traefik to talk to each other using their domain names?
And I also wonder if this is more an OS like config to tweak (the server is running debian), Though I'm able to access any of those services using their domain names e.g. in the terminal, so I don't think it's related to the OS level.
Thank you very much for any detail or direction.
- Here is my traefik
version: "3" services: traefik: restart: always image: traefik:v2.5 ports: - "443:443" - "80:80" volumes: - /var/run/docker.sock:/var/run/docker.sock - ./traefik.yml:/etc/traefik/traefik.yml - ./acme.json:/acme.json labels: - "traefik.http.middlewares.auth.basicauth.users=__USERNAME__:__PASSWORD_HASH__" - "traefik.http.routers.api.middlewares=auth" - "traefik.http.routers.api.rule=Host(`__HOSTNAME__`)" - "traefik.http.routers.api.service=api@internal" - "traefik.http.routers.api.entrypoints=https" - "traefik.http.routers.api.tls=true" - "traefik.http.routers.api.tls.certresolver=traefik_resolver" networks: default: external: name: traefik
- Here is an example of my gitea
version: "3" services: server: image: gitea/gitea container_name: gitea environment: - USER_UID=1000 - USER_GID=1000 restart: always volumes: - ./gitea:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro ports: - "222:22" labels: - "traefik.enable=true" - "traefik.http.routers.gitea.rule=Host(`__GITEA_HOST__`)" - "traefik.http.routers.gitea.entrypoints=https" - "traefik.http.routers.gitea.tls=true" - "traefik.http.routers.gitea.tls.certresolver=traefik_resolver" - "traefik.http.services.gitea.loadbalancer.server.port=3000" networks: default: external: name: traefik
- And here is my woodpecker
version: '3' services: woodpecker-server: image: woodpeckerci/woodpecker-server:latest volumes: - woodpecker-server-data:/var/lib/woodpecker/ environment: - WOODPECKER_OPEN=true - WOODPECKER_HOST=__WP_HOST__ - WOODPECKER_GITEA=true - WOODPECKER_GITEA_URL=__GITEA_HOST__ - WOODPECKER_GITEA_CLIENT=__GITEA_CLIENT__ - WOODPECKER_GITEA_SECRET=__GITEA_SECRET__ - WOODPECKER_AGENT_SECRET=__AGENT_SECRET__ labels: - "traefik.enable=true" - "traefik.http.routers.woodpecker.rule=Host(`__GITEA_HOST__`)" - "traefik.http.routers.woodpecker.entrypoints=https" - "traefik.http.routers.woodpecker.tls=true" - "traefik.http.routers.woodpecker.tls.certresolver=traefik_resolver" - "traefik.http.services.woodpecker.loadbalancer.server.port=8000" woodpecker-agent: image: woodpeckerci/woodpecker-agent:latest command: agent restart: always depends_on: - woodpecker-server volumes: - /var/run/docker.sock:/var/run/docker.sock environment: - WOODPECKER_SERVER=woodpecker-server:9000 - WOODPECKER_AGENT_SECRET=__AGENT_SECRET__ labels: - "traefik.enable=false" volumes: woodpecker-server-data: networks: default: external: name: traefik