Error opening listener: listen tcp :80: bind: address already in use

Traefik Traefik v3 (latest)
1

I'm trying to combine my compose.yaml files so I can bring my stacks up together. My attempts keep giving me the above error. Below is my setup and it is running on Ubuntu 22.04 on a VM in Proxmox. I have a traefik setup that isn't combined. I can spin that up and I don't get an error and can reach the dashboard, So I feel like the error has to be in my yaml files somewhere.

When I run docker logs traefik it is blank. when I run docker exec -it traefik traefik is when I see the error. either way I cannot reach the dashboard. I dns is pointing to the seriver

# nslookup traefik.myWebsite.tld
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	traefik.myWebsite.tld
Address: 10.10.74.166

# ip address
 inet 10.10.74.166/24 metric 100 brd 10.10.74.255 scope global dynamic eth0

Base Compose file

###############################################################
# Networks
###############################################################
networks:
  traefik:
    external: true
    ipam:
      config:
        - subnet: 10.255.224.0/20

###############################################################
# Docker Secrets
# Owner (default): root:root
# Recommend Set Owner to match container user Example: UID=1100, GID=1100
# Permissions of files & directory on host to: 0400 (-r--)
###############################################################
secrets:
  ## Cloudflare / Traefik
  cf_email:
    file: ${DOCKERDIR}/secrets/cf_email
  cf_dns_api_token:
    file: ${DOCKERDIR}/secrets/cf_dns_api_token
  ## Authentik
  authentik_postgresql_db:
    file: ${DOCKERDIR}/secrets/authentik_postgresql_db
  authentik_postgresql_password:
    file: ${DOCKERDIR}/secrets/authentik_postgresql_password
  authentik_secret_key:
    file: ${DOCKERDIR}/secrets/authentik_secret_key
  gmail_smtp_username:
    file: ${DOCKERDIR}/secrets/gmail_smtp_username
  gmail_smtp_password:
    file: ${DOCKERDIR}/secrets/gmail_smtp_password
  ## GeoIP
  geoip_account_id:
    file: ${DOCKERDIR}/secrets/geoip_account_id
  geoip_license_key:
    file: ${DOCKERDIR}/secrets/geoip_license_key
  traefik_creds:
    file: ${DOCKERDIR}/secrets/traefik_creds

###############################################################
# Include
# Merge all of the below compose files into one large compose at run time
# Thanks to Anand (SmartHomeBeginner), this is clean!
###############################################################
include:
  - ${DOCKERDIR}/my-compose/traefik/compose.yaml
  - ${DOCKERDIR}/my-compose/authentik/compose.yaml
  - ${DOCKERDIR}/my-compose/whoami/compose.yaml

Traefik Compose.yaml

services:
  traefik:
    image: traefik:v3.0
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - traefik
    command:
      - "--configFile=${DOCKERDIR}/appdata/traefik/config/traefik.yml"
    ports:
      - 80:80
      - 443:443/tcp
      # - 443:443/udp # Uncomment if you want HTTP3
    environment:
      - CF_DNS_API_TOKEN_FILE
      # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env
      - TRAEFIK_DASHBOARD_CREDENTIALS
    secrets:
      - cf_dns_api_token
      - traefik_creds
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      #- "${DOCKERDIR}/apptdata/traefik/config/traefik.yml:/traefik.yml:ro"
      - "${DOCKERDIR}/appdata/traefik/data/acme.json:/acme.json"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik.browninternal.com`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.browninternal.com`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=browninternal.com"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.browninternal.com"
      - "traefik.http.routers.traefik-secure.service=api@internal"

traefik.yaml

api:
  dashboard: true
  debug: true
entryPoints:
  http:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: https
          scheme: https
  https:
    address: ":443"
  ssh:
    address: ":22"
serversTransport:
  insecureSkipVerify: true
providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    filename: /config.yml
certificatesResolvers:
  cloudflare:
    acme:
      email: fake_email@gmail.com
      storage: acme.json
      # caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default)
      caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging
      dnsChallenge:
        provider: cloudflare
        disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers.
        delayBeforeCheck: 60s # uncomment along with disablePropagationCheck if needed to ensure the TXT record is ready before verification is attempted 
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

Enviroment Variables

################################################################
# .env
# When both env and environment are set for a service, values set by environment have precedence.
# https://docs.docker.com/compose/environment-variables/envvars-precedence/
#
# CANNOT MIX ARRAYS (KEY: VAL) AND MAPS (KEY=VAL)
# Ex: Cannot have .ENV var as TZ=US and then a var here as DB_ENGINE: sqlite, has to be DB_ENGINE=sqlite
# Otherwise unexpected type map[string]interface {} occurs
# https://github.com/docker/compose/issues/11567
#
################################################################
DOCKERDIR=/opt/sso
PUID=1100
PGID=1100
TZ=America/New_York
DOMAINNAME=myWebsite.tld

################################################################  
#################### Traefik 3 - June 2024 #####################
# Cloudflare IPs (IPv4 and/or IPv6): https://www.cloudflare.com/ips/
################################################################  
CLOUDFLARE_IPS=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/13,104.24.0.0/14,172.64.0.0/13,131.0.72.0/22
LOCAL_IPS=127.0.0.1/32,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
TRAEFIK_DASHBOARD_CREDENTIALS=/run/secrets/traefik_creds
CF_DNS_API_TOKEN_FILE=/run/secrets/cf_dns_api_token
################################################################  
# Authentik (https://docs.goauthentik.io/docs/)
# Environment Variables (https://docs.goauthentik.io/docs/installation/configuration)
################################################################  
POSTGRES_PASSWORD=/run/secrets/authentik_postgresql_password
POSTGRES_USER=/run/secrets/authentik_postgresql_db
POSTGRES_DB=/run/secrets/authentik_postgresql_db
AUTHENTIK_REDIS__HOST=authentik_redis
AUTHENTIK_POSTGRESQL__HOST=authentik_postgresql
AUTHENTIK_POSTGRESQL__NAME=$POSTGRES_DB
AUTHENTIK_POSTGRESQL__USER=$POSTGRES_DB
AUTHENTIK_POSTGRESQL__PASSWORD=$POSTGRES_PASSWORD
AUTHENTIK_DISABLE_STARTUP_ANALYTICS=true
AUTHENTIK_DISABLE_UPDATE_CHECK=false
AUTHENTIK_ERROR_REPORTING__ENABLED=false
AUTHENTIK_LOG_LEVEL=info # debug, info, warning, error, trace
AUTHENTIK_SECRET_KEY=/run/secrets/authentik_secret_key # openssl rand 60 | base64 -w 0
AUTHENTIK_COOKIE_DOMAIN=${DOMAINNAME}
# AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS: CHANGEME_IFAPPLICABLE # Defaults to all of: 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fe80::/10, ::1/128
DOCKER_HOST=tcp://socket-proxy:2375 # Use this if you have Socket Proxy enabled.
AUTHENTIK_EMAIL__HOST=smtp.gmail.com
AUTHENTIK_EMAIL__PORT=587
AUTHENTIK_EMAIL__USERNAME=/run/secrets/gmail_smtp_username
AUTHENTIK_EMAIL__PASSWORD=/run/secrets/gmail_smtp_password
AUTHENTIK_EMAIL__USE_TLS=false
AUTHENTIK_EMAIL__USE_SSL=false
AUTHENTIK_EMAIL__TIMEOUT=10
AUTHENTIK_EMAIL__FROM=$AUTHENTIK_EMAIL__USERNAME

################################################################  
# GeoIP ( https://github.com/maxmind/geoipupdate)  
# Environment Variables (https://github.com/maxmind/geoipupdate/blob/main/doc/docker.md)  
################################################################  
GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN" # Space seperated 
GEOIPUPDATE_FREQUENCY=8 # Frequency to check for updates, in hours
GEOIPUPDATE_ACCOUNT_ID=/run/secrets/geoip_account_id
GEOIPUPDATE_LICENSE_KEY=/run/secrets/geoip_license_key

This is my folder structure. I believe I have everything listed so that traefik can reach the needed folders

├── appdata
│ └── traefik
│ ├── config
│ │ ├── chain-no-auth.yaml
│ │ └── traefik.yml
│ ├── data
│ │ └── acme.json
│ └── rules
├── logs
│ └── traefik
├── my-compose
│ ├── authentik
│ │ └── compose.yaml
│ ├── compose.yml
│ ├── traefik
│ │ └── compose.yaml
│ └── whoami
│ └── compose.yaml
└── secrets

2

So something is already listening in port 80. Use netstat -tulpn or similar to see which process it is.

Are you sure you stop Traefik before trying the combined compose file? Compose might think Traefik is a different service because of changed filename (and therefore project).