External Pihole behind Traefik redirect /admin

danyo2008 · February 1, 2023, 11:27am

Hi all,

i have pihole installed on a different machine, so pi hole do not run as a docker container next to Traefik.
What i have done is, that i added pihole as an external router to my config.yml.

If i access the URL via my browser, i can see the start page of pihole, but after fill in my admin credentials,
the site will always redirect to /admin

So, i navigate to

https://pihole.local.localdomain.com

I can see the pihole admin page.

But after i fill in my admin credentials, i will be redirected to

https://pihole.local.localdomain.com/admin

which is not available. White screen, no admin interface annymore.

If i then delete the /admin from the URL, i can see the admin panel again and i am logged in....

How is it possible with Traefik that there is not redirect to /admin, so i only want to use the URL
without /admin.

Is that possible?

Here is my config

http:
  routers:
    pihole:
      entryPoints:
        - "https"
      rule: "Host(`pihole.local.localdomain.com`)"
      middlewares:
        - default-headers
        - replacepathregex-pihole
        - addprefix-pihole
        - https-redirectscheme
      tls: {}
      service: pihole

  services:

    pihole:
      loadBalancer:
        servers:
          - url: "http://xxx.xxx.xxx.xxx:80"
        passHostHeader: true


  middlewares:

    addprefix-pihole:
      addPrefix:
        prefix: "/admin"

    replacepathregex-pihole:
      replacePathRegex:
         regex: "^/admin/(.*)"
         replacement: "/$$1"

    https-redirectscheme:
      redirectScheme:
        scheme: https
        permanent: true

    default-headers:
      headers:
        frameDeny: true
        sslRedirect: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15552000
        customFrameOptionsValue: SAMEORIGIN
        customRequestHeaders:
          X-Forwarded-Proto: https

Thanks and regards
Dan

bluepuma77 · February 1, 2023, 2:15pm

Why do you have this? Messing with paths for a full-blown application usually does not work. Apps are mostly not path-aware and will redirect or link to fixed paths, which then don’t work anymore.

Best practice for multiple services on the same (reverse proxy) server is to use sub-domains.

danyo2008 · February 1, 2023, 2:24pm

I use the subdomain pihole.local.localdomain.... For each Service behind Traefik an own local subdomain. That just works fine for all my Services, execp pihole, because if i will open the sudomain for pihole and enter my credentials, pihole will redirect me to /admin, which does not exist. So i want to redirect back to the subdomain of pihole. But that isn't working....

bluepuma77 · February 1, 2023, 2:39pm

Have you removed those?

danyo2008 · February 1, 2023, 8:59pm

Yes, still not working. Same effect as before.... .

bluepuma77 · February 2, 2023, 10:20am

Without the path manipulation your config looks okay, have you restarted Traefik?

Check Traefik debug log and access log. Check your target service log.

RWL-Dittrich · February 2, 2023, 11:22am

I had the same issue yesterday. The redirects don't get updated and pihole redirects you to the wrong pages constantly.

If you're willing to have /admin put in the URL automatically you can also just use the following middleware to redirect from the root to /admin automatically

    pihole-redirect:
      redirectRegex:
        regex: "^https?://pihole.domain.tld/$"
        replacement: "https://pihole.domain.tld/admin/"

danyo2008 · February 3, 2023, 5:33am

Hi,

thanks, this works fine.

The only thing is now, that always the path /admin is there.
It is ok for me..... But is there no way to work only with the base URL, without the addition of
the path /admin in the URL...?

Thanks and regards
dan