Error 400 bad request with traefik and nextcloudpi

Traefik Traefik v2
1

so when I go to cloud.example.com (obviously not real name), it show me:

" Bad Request

Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please."

nothing in the logs for both traefik and nextcloudpi
I tried and I tried for days but I don't know what to do anymore.

here my docker-compose. yml for traefik :

version: '3'

services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker. sock:/var/run/docker.sock:ro
      - ./data/traefik. yml:/traefik.yml:ro
      - ./data/acme. json:/acme.json
      - ./data/config. yml:/config.yml:ro
    environment:
      CF_DNS_API_TOKEN: "blablabla"
      CF_API_KEY: "lablbalba"
      CF_API_EMAIL: "my@mail. com"
    labels:
      - "traefik.enable=true"
      - "traefik. http. middlewares. traefik-auth. basicauth. users=admin:{SHA}mdp"
      - "traefik.http.routers.traefik-secure.entrypoints=websecure"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.example.com`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=http"
      - "traefik.http.routers.traefik-secure.service=api@internal"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.redirs.entrypoints=web"
      - "traefik.http.routers.redirs.middlewares=redirect-to-https"
      - "traefik.http.routers.dnsweb.entrypoints=web"
      - "traefik.http.routers.dnsweb.rule=Host(`*.example.com`)"
      - "traefik.http.routers.dnsweb.tls=true"
      - "traefik.http.routers.dnsweb.tls.certresolver=dns"
      - "traefik.http.routers.dnswebsecure.entrypoints=websecure"
      - "traefik.http.routers.dnswebsecure.rule=Host(`*.example.com`)"
      - "traefik.http.routers.dnswebsecure.tls=true"
      - "traefik.http.routers.dnswebsecure.tls.certresolver=dns"

networks:
  proxy:
    external: true"

my traefik.yml :

api:
  dashboard: true
  debug: true

entryPoints:
  web:
    address: :80
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https

  websecure:
    address: :443

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    filename: /config.yml

certificatesResolvers:
  http:
    acme:
      email: my@mail.com
      storage: acme.json
      httpChallenge:
        entryPoint: web
  dns:
    acme:
      email: my mail.com
      storage: acme.json
      dnsChallenge:
        provider: cloudflare
        delayBeforeCheck: 0

log:
  level: info

my config.yml:

http:
  middlewares:
    https-redirect:
      redirectScheme:
        scheme: https

    default-headers:
      headers:
        frameDeny: true
        sslRedirect: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true

    default-whitelist:
      ipWhiteList:
        sourceRange:
        - "10.0.0.0/24"
        - "192.168.0.0/16"
        - "172.0.0.0/8"

    secured:
      chain:
        middlewares:
        - default-whitelist
        - https-redirect

and finaly my docker-compose.yml for nextcloudpi:

version: '3'

services:
  nextcloudpi:
    image: ownyourbits/nextcloudpi-x86:latest
    container_name: nextcloudpi
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    volumes:
      - /fat-32/cave/backend/appdata/nextcloudpi/data:/data
      - /etc/localtime:/etc/localtime:ro
    command: "my ip"
    networks:
      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nextcloudpi-secure.entrypoints=websecure"
      - "traefik.http.routers.nextcloudpi-secure.rule=Host(`cloud.example.com`)"
      - "traefik.http.routers.nextcloudpi-secure.tls=true"
      - "traefik.http.routers.nextcloudpi-secure.service=nextcloudpi"
      - "traefik.http.routers.nextcloudpi-secure.middlewares=default-headers@file"
      - "traefik.http.services.nextcloudpi.loadbalancer.server.port=443"
      - "traefik.docker.network=proxy"

networks:
  proxy:
    external: true

I'm running on OMV 5 (based on debian 10), 32 bit.

I think the problem is this : https://docs.traefik.io/routing/routers/#general
because nextcloudpi want only https for some reason maybe ?
but I don't know.

and because I'm kinda knew (started traefik less than a week ago), this might be just a easy, often ask question, and I'm sorry if it is but my long hours of searching find nothing

Edit:
some more info, I have netdata, portainer, jellyfin and bitwarden runnign with no problem so it's not a global problem

2

Hi,
I know it's an old post but have you solved it?

I have actually the same problem after migrating from RaspberrypiOS to Ubuntu server 20.04 64bits.
The other containers are ok (airsonic, transmission...).
I took the same docker-compose files that was working well on RaspberrypiOS. I just changed the line for nextcloudpi arm64.

3

Ok, I don't know what caused the problem but I "solved" it by disabling "Force https" in the Nextcloudpi interface.