Docker Compose Sanity Checker?

Traefik Traefik v2 (latest)
,
1

Does anyone know of a "sanity checker" for traefik docker compose yamls? I have been struggling with the dashboard and a single service for two days now:

version: '3.8'
services:
  traefik:
    image: "docker.io/library/traefik:v2.10.5"
    container_name: "traefik2"
    restart: "always"
    command:
      - "--api.insecure=false"
      - "--providers.docker=true"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/etc/letsencrypt/archive/dev.acumenus.net/:/etc/certs:ro"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/portainer/Files/AppData/Config/traefik/config.yml:/etc/traefik/config.yml:ro"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik-dashboard.rule=Host(`traefik.acumenus.net`)"
      - "traefik.http.routers.traefik-dashboard.entrypoints=websecure"
      - "traefik.http.routers.traefik-dashboard.service=api@internal"
      # Basic Auth for Traefik Dashboard
      - "traefik.http.routers.traefik-dashboard.middlewares=dashboard-auth"
      # Use htpasswd to create a user/pass pair
      - "traefik.http.middlewares.dashboard-auth.basicauth.users=*******:********"  
    networks:
      - traefik-proxy
  heimdall:
    image: "linuxserver/heimdall:latest"
    container_name: "heimdall"
    restart: "always"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/New_York # Replace with your timezone
      - APP_NAME=Parthenon
    volumes:
      - "/portainer/Files/AppData/Config/Heimdall:/config"
      - "/portainer/Files/AppData/Config/Heimdall/favicons/favicon-16x16.png:/var/www/localhost/heimdall/public/favicon-16x16.png"
      - "/portainer/Files/AppData/Config/Heimdall/favicons/favicon-32x32.png:/var/www/localhost/heimdall/public/favicon-32x32.png"
      - "/portainer/Files/AppData/Config/Heimdall/favicons/favicon.ico:/var/www/localhost/heimdall/public/favicon.ico"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.heimdall.rule=Host(`dev.acumenus.net`)"
      - "traefik.http.services.heimdall.loadbalancer.server.port=80"
    networks:
      - traefik-proxy
networks:
  traefik-proxy:
    external: true

404 on the Traefik dashboard.

Something worked briefly and then it didn't.
Any help/guidance would be greatly appreciated.

2

Start by formatting your code with 3 backticks in front and after or select it and use the </> button. It improves readability and in yaml every space matters.

3

Roger that. Thanks for the tip.

4 
version: '3.8'

services:
  traefik:
    image: "docker.io/library/traefik:v2.10.5"
    container_name: "traefik2"
    restart: "always"
    command:
      - "--api.insecure=false"
      - "--providers.docker=true"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.email=me@mac.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/portainer/Files/AppData/Config/traefik/config.yml:/etc/traefik/config.yml:ro"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik-dashboard.rule=Host(`traefik.acumenus.net`)"
      - "traefik.http.routers.traefik-dashboard.entrypoints=websecure"
      - "traefik.http.routers.traefik-dashboard.service=api@internal"
      - "traefik.http.routers.traefik-dashboard.tls.certresolver=myresolver"
      - "traefik.http.routers.traefik-dashboard.middlewares=dashboard-auth"
      - "traefik.http.middlewares.dashboard-auth.basicauth.users=*******:*******"

    networks:
      - traefik-proxy

  heimdall:
    image: "linuxserver/heimdall:latest"
    container_name: "heimdall"
    restart: "always"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/New_York # Replace with your timezone
      - APP_NAME=Parthenon
    volumes:
      - "/portainer/Files/AppData/Config/Heimdall:/config"
      - "/portainer/Files/AppData/Config/Heimdall/favicons/favicon-16x16.png:/var/www/localhost/heimdall/public/favicon-16x16.png"
      - "/portainer/Files/AppData/Config/Heimdall/favicons/favicon-32x32.png:/var/www/localhost/heimdall/public/favicon-32x32.png"
      - "/portainer/Files/AppData/Config/Heimdall/favicons/favicon.ico:/var/www/localhost/heimdall/public/favicon.ico"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.heimdall.rule=Host(`dev.acumenus.net`)"
      - "traefik.http.routers.heimdall.entrypoints=websecure"
      - "traefik.http.routers.heimdall.tls.certresolver=myresolver"
      - "traefik.http.routers.heimdall.middlewares=redirect-to-https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"

      - "traefik.http.services.heimdall.loadbalancer.server.port=80"
    networks:
      - traefik-proxy

networks:
  traefik-proxy:

    external: true
    driver: overlay
    attachable: true

This solved my problem after much tinkering. Posted for others who wish to integrate Heimdall, though I am sure that many have already accomplished this. Please note that SSL is through Hostinger who are not on the TLS challenge list for Let's Encrypt as a DNS provider.

5

For simplicity, you can place the http->https redirect and the certresolver globally on the entrypoint, see simple Traefik example.