Get 404 page not found with Portainer behind Traefik

chazz · October 26, 2022, 10:07pm

So this is my first experiment with Traefik proxying something and it didn't go so well...anyways as it states I'm getting the dreaded "404 page not found" error when I navigate to the address I used.

I'm not sure whats wrong I can get to the Traefik dashboard and see that it shows up there. I have a DNS entry for it on my DNS server.

I'm trying to use this walk through: Put Wildcard Certificates and SSL on EVERYTHING | Techno Tim Documentation

Here are the configs I used. I changed out the example stuff shown here to my domain and user/password is the only changes between mine and this config.

The wildcard Let's Encrypt" certs work. Even on the 404 page of portainer...so SSL is functional just for some reason can't get to portainer page.

traefik docker-compose

version: '3'

services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    environment:
      - CF_API_EMAIL=user@example.com
      - CF_DNS_API_TOKEN=YOU_API_TOKEN
      # - CF_API_KEY=YOU_API_KEY
      # be sure to use the correct one depending on if you are using a token or key
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /home/username/traefik/data/traefik.yml:/traefik.yml:ro
      - /home/username/traefik/data/acme.json:/acme.json
      - /home/username/traefik/data/config.yml:/config.yml:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=USER:BASIC_AUTH_PASSWORD"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    external: true

Traefik.yml:

api:
  dashboard: true
  debug: true
entryPoints:
  http:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: https
          scheme: https
  https:
    address: ":443"
serversTransport:
  insecureSkipVerify: true
providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    filename: /config.yml
certificatesResolvers:
  cloudflare:
    acme:
      email: you@example.com
      storage: acme.json
      dnsChallenge:
        provider: cloudflare
        #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers.
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

Portainer docker-compose file:

version: '3'

services:
  portainer:
    image: portainer/portainer-ce
    container_name: portainer
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /home/username/portainer/data:/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.portainer.entrypoints=http"
      - "traefik.http.routers.portainer.rule=Host(`portainer.local.example.com`)"
      - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.portainer.middlewares=portainer-https-redirect"
      - "traefik.http.routers.portainer-secure.entrypoints=https"
      - "traefik.http.routers.portainer-secure.rule=Host(`portainer.local.example.com`)"
      - "traefik.http.routers.portainer-secure.tls=true"
      - "traefik.http.routers.portainer-secure.service=portainer"
      - "traefik.http.services.portainer.loadbalancer.server.port=9000"
      - "traefik.docker.network=proxy"

networks:
  proxy:
    external: true

Portainer logs:

portainer  | time="2022-10-26T22:02:58Z" level=info msg="Encryption key file `portainer` not present"
portainer  | time="2022-10-26T22:02:58Z" level=info msg="Proceeding without encryption key"
portainer  | time="2022-10-26T22:02:58Z" level=info msg="Loading PortainerDB: portainer.db"
portainer  | time="2022-10-26T22:02:58Z" level=info msg="Opened existing store" version=61
portainer  | 2022/10/26 22:02:58 server: Reverse tunnelling enabled
portainer  | 2022/10/26 22:02:58 server: Fingerprint 3b:65:fd:7d:fe:b0:8f:75:f5:73:6c:4b:b5:3d:d1:52
portainer  | 2022/10/26 22:02:58 server: Listening on 0.0.0.0:8000...
portainer  | time="2022-10-26T22:02:58Z" level=info msg="[INFO] [cmd,main] Starting Portainer" BuildNumber=22936 GoVersion=1.18.3 ImageTag=linux-amd64-2.15.1 NodejsVersion=14.20.0 Version=2.15.1 WebpackVersion=5.68.0 YarnVersion=1.22.19
portainer  | time="2022-10-26T22:02:58Z" level=info msg="2022/10/26 22:02:58 [DEBUG] [chisel, monitoring] [check_interval_seconds: 10.000000] [message: starting tunnel management process]"
portainer  | time="2022-10-26T22:02:58Z" level=info msg="2022/10/26 22:02:58 [DEBUG] [internal,init] [message: start initialization monitor ]"
portainer  | time="2022-10-26T22:02:58Z" level=info msg="2022/10/26 22:02:58 [INFO] [http,server] [message: starting HTTPS server on port :9443]"
portainer  | time="2022-10-26T22:02:58Z" level=info msg="2022/10/26 22:02:58 [INFO] [http,server] [message: starting HTTP server on port :9000]"

Anyone have an idea why I'm getting a 404 error?

chazz · October 27, 2022, 10:47pm

I tried other containers and they work fine...its just portainer that won't work. I experimented with running the container without the Traefik labels/network and exposed the ports and Portainer works.

I'm not sure whats going on as I use these same exact labels/network for other containers that are working perfect with Traefik.

chazz · November 3, 2022, 2:50am

Ok, I figured this out, there is nothing wrong with any of the configuration...it was a misspelling that I needed to correct and now it works. Just thought I would close the loop on this issue.

system · November 6, 2022, 2:51am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Use my own certificates for docker containers, but get -404 page not found- error Traefik v2 docker	1	878	November 23, 2021
404 page not found Traefik v2 docker	8	1968	October 3, 2019
Https routing "404 page not found" docker file Traefik v2 docker	8	1811	October 10, 2023
Help with 404 error Traefik v2 docker , letsencrypt-acme , middleware	15	6843	April 11, 2024
Basic https configuration keep getting 404 Traefik v2 docker , file	3	1008	August 8, 2022

Get 404 page not found with Portainer behind Traefik

Related topics