Dashboard not reachable with https

Traefik Traefik v2 (latest)
1

Hi,

I'm running traefik 2.4 on a synology nas for SSL termination using a macvlandapter (macnet) on ip .200 supported by an aux address .199. This allows me to use port 80/443 without having to finddle around with the synology conf every time it gets an update. DNS for hostname traefik is setup as well to .200.
All my containers behind traefik are running fine connected to the backend net and are reachable.
However, the dashboard of traefik is not reachable - getting a 404 when trying to access https://traefik/dashboard/ - and I cannot figure out why. Logs also don't give any clue, maybe I'm overlooking sth. there. Via http using api.insecure the dashboard is working fine.
Any ideas what might be wrong about my config?

version: '2.4'

networks:
  backend:
    name: backend
  macnet:
    external: true
    name: macnet

services:
  app:
    image: traefik:v2.4
    command:
       - --log.filePath=/var/log/traefik.log
       - --log.level=DEBUG
       - --accesslog=true
       - --accesslog.bufferingsize=100
       - --accesslog.filepath=/var/log/access.log
       - --accesslog.filters.statuscodes=400-600
       - --api.dashboard=true
       - --providers.docker
       - --providers.docker.exposedbydefault=false
       - --providers.file.directory=/etc/traefik/dynamic_conf
       - --entrypoints.websecure.address=:443
       - --entrypoints.web.address=:80
       - --entrypoints.web.http.redirections.entrypoint.scheme=https
       - --entrypoints.web.http.redirections.entrypoint.to=websecure
       - --entrypoints.mqtt.address=:1883
    labels:
      - "traefik.enable=true"
      - "traefik.http.middlewares.auth.basicauth.users=omitted"
      - "traefik.http.routers.dashboard.middlewares=auth"
      - "traefik.http.routers.dashboard.rule=(Host(`traefik`) || Host(`traefik.lan`)) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      - "traefik.http.routers.dashboard.entrypoints=websecure"
      - "traefik.http.routers.dashboard.service=api@internal"
      - "traefik.http.routers.dashboard.tls=true"
    networks:
      macnet:
        ipv4_address: 192.168.1.200
      backend: {}
    volumes:
    - ./certs:/certs:ro
    - ./dynamic_conf:/etc/traefik/dynamic_conf:rw
    - ./logs:/var/log:rw
    - /var/run/docker.sock:/var/run/docker.sock:rw

  whoami:
    # A container that exposes an API to show its IP address
    image: traefik/whoami
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.lan`)"
      - "traefik.http.routers.whoami.tls=true"
      - "traefik.http.routers.whoami.entrypoints=websecure"
    networks:
      backend: {}
2

Your configuration seems to be correct. I deployed your configuration locally and I was able to reach dashboard/ and api/.

Do you get prompt to enter login credentials defined in AUTH middleware?

Logs can be helpful to solve your issue.

3

Nope.

traefik.log has no logs and access.log shows the 404. I guess I should pay more attention to the logs of the start phase?

4

You should get a prompt to enter user/password.

You can also switch the format to JSON to have more detailed in your log file.

Try to disable everything (including even dynamic configuration ) and try to enabling dashboard and api first. Don't forget to use the trailing slash 'dashboard/'

5

Now I get the response from the dashboard, without changing anything.

I'm 97% sure that the dashboard binds to one of my two networks attached to the container randomly. If it gets macnet the dashboard is reachable, if it gets backend it's not.

...

well I was wrong :slight_smile: If I add - "traefik.docker.network=backend" as label to the traefik container then the dashboard is working even after a few docker-compose ups and downs.

6

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.