First ever setup, half working?

Hi,

Managed to get dashboard up and running on ssl secured fqdn and tried first container connection (to gotify) but getting a "The page isn’t redirecting properly" when going to https://gtfy.xxxx.com

can someone see the newbie textbook error in my configs please?...

config.yml ....


http:
#region routers
routers:
gotify:
entryPoints:
- "https"
rule: "Host(gtfy.xxx.com)"
middlewares:
- default-headers
- https-redirectscheme
tls: {}
service: gotify

#endregion

#region services
services:
gotify:
loadBalancer:
servers:
- url: "http://10.0.0.14:7070"
passHostHeader: true

#endregion

default-whitelist:
  ipWhiteList:
    sourceRange:
    - "10.0.0.0/24"
    - "192.168.0.0/16"
    - "172.16.0.0/12"
    - "172.21.0.0/16"

secured:
  chain:
    middlewares:
    - default-whitelist
    - default-headers

docker-compose.yml....


version: '3.3'
services:
gotify:
image: gotify/server-arm64
container_name: gotify
volumes:
- /home/ubuntu/docker/gotify:/app/data
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
proxy:
ports:
- 7070:80
environment:
- TZ=Europe/London
labels:
- "traefik.enable=true"
- "traefik.http.routers.gotify.entrypoints=http"
- "traefik.http.routers.gotify.rule=Host(gtfy.xxxx.com)"
- "traefik.http.middlewares.gotify-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.gotify.middlewares=gotify-https-redirect"
- "traefik.http.routers.gotify-secure.entrypoints=https"
- "traefik.http.routers.gotify-secure.rule=Host(gtfy.xxxx.com)"
- "traefik.http.routers.gotify-secure.tls=true"
- "traefik.http.routers.gotify-secure.service=gotify"
- "traefik.http.services.gotify.loadbalancer.server.port=80"
- "traefik.docker.network=proxy"

networks:
proxy:
external: true


thanks

For code use 3 backticks in front and after, or select it and press the </> button.

Check simple Traefik example.

Don’t use ports in your service (except Traefik), it opens the ports externally and makes the service accessible, circumventing any Traefik middlewares for security or auth.

Connect Traefik and services with a Docker network, then you don’t need to expose ports. Internally the ports are automatically reachable.

Maybe your service sees the request coming in via http (internally) and therefore responds with a redirect. Check your service docs.