Global http -> https and www -> non-www

Traefik Traefik v3 (latest)
,
1

Continuing the discussion from Global redirect www to non-www with HTTPS redirection:

Hey, I tried the solution from this topic in Traefik v3.0, but I can't get it to work in all cases (and from what I see, that issue is reported even in that older topic).

I'm trying to configure all this in docker-compose.yml (docker labels).

http://$domain redirects to https://$domain
http://www.$domain redirects to https://www.$domain
but
https://www.$domain gives certificate error (default Traefik certificate is served).

I'd like that https://www.$domain is also redirected to https://$domain.

So no matter what client types I'd like it to end up on https://$domain. No http, no www.

Thanks!

2

See simple Traefik example. Make sure to use

.rule=Host(`domain.tld`) || Host(`www.domain.tld`)

So domain and sub-domain can be recognized and both LE certs can be created.

3

That's not global though? I want to set it up only in one place.

So something like this, but not broken :slight_smile:

      - "traefik.http.routers.http-catchall.rule=hostregexp(`(www\\.)?.+`)"
      - "traefik.http.routers.http-catchall.entrypoints=http"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"

      - "traefik.http.routers.www-https-catchall.rule=hostregexp(`(www\\.).+`)"
      - "traefik.http.routers.www-https-catchall.entrypoints=https"
      - "traefik.http.routers.www-https-catchall.tls=true"
      - "traefik.http.routers.www-https-catchall.middlewares=redirect-to-https"

      - "traefik.http.middlewares.redirect-to-https.redirectregex.regex=^https?://(?:www\\.)?(.+)"
      - "traefik.http.middlewares.redirect-to-https.redirectregex.replacement=https://$${1}"
      - "traefik.http.middlewares.redirect-to-https.redirectregex.permanent=true"

I'm also confused about the {1} (taken from previous thread) - isn't it taken the first capture group while we have two (and need the second)?

4

Global means you set it up once, valid for all.

Did you check my example?

      - traefik.http.middlewares.mywwwredirect.redirectregex.regex=^https://www\.(.*)
      - traefik.http.middlewares.mywwwredirect.redirectregex.replacement=https://$${1}
      - traefik.http.routers.mywhoami.middlewares=mywwwredirect
5

I don't think we understand each other.
What I'm trying to achieve (those 3 points from the original post) should all be defined in docker-compose.yml which should just spin up Traefik. I have other docker-compose.ymls for different services/websites, but I want all redirects to happen in Traefik's definition.

6

You can create a http-to-https redirect directly on entrypoint (doc).

You can assign a www redirect middleware directly on entrypoint (doc), but you need to use providers.file to read it from an extra dynamic config file.

7

Ok, thank you.

Anyone else with a more elegant solution maybe?

8

I guess --entryPoints.websecure.http.middlewares=mymiddleware@docker should work too, not only --entryPoints.websecure.http.middlewares=mymiddleware@file, no ?

9

It should work. Personally I am hesitant to use a dynamic middleware assignment in static config, as there will always be a delay for loading the middleware from Docker configuration.

10

I just tried it and it works well (--entrypoints.websecure.http.middlewares=wwwtohttps@docker)

I didn't notice any difference or delay, but I understand your concern