Global Redirection from HTTP to HTTPS : command traefik error, field not found, node : redirect-to-https

Hello knowledgeable people,

I'm writing this post after many tries, much time spent reading similar posts, to no avail.
I'm really sorry if this has been talked about many times, but I can't seem to pinpoint the problem with my configuration.

I'm trying to setup a router that will redirect everything HTTP to HTTPS. The use case for Traefik is putting a proxy to Tactical RMM Docker installation.

I can't get the containers to start. I'm getting an error command traefik error: field not found, node: redirect-to-https

Here's all my configuration files as well as the docker-compose.yml

docker-compose.yml

version: '3.7'

services:

# =============================================================
#
#	TRAEFIK - reverse proxy
#
# =============================================================
        
  reverse-proxy:
    image: traefik:latest
    command:
      - --log.level=DEBUG
      - --configFile=/FileProvider/traefik.toml
      - --providers.file.directory=FileProvider/
      - --providers.file.watch=true
      - --certificatesresolvers.certificato.acme.dnschallenge=true
    env_file:
      - .env
    environment:
      - DYN_CUSTOMER_NAME=${DYN_CUSTOMER_NAME}
      - DYN_USER_NAME=${DYN_USER_NAME}
      - DYN_PASSWORD=${DYN_PASSWORD}
    container_name: traefik
    labels:
      - traefik.enable= "true"
      - traefik.http.routers.http-catchall.entrypoints= "web-insecure"
      - traefik.http.routers.http-catchall.rule= "HostRegexp(`{host:.+}`)"
      - traefik.http.routers.traefik-rtr.tls= "true"
      - traefik.http.routers.traefik-rtr.entrypoints= "web-secure"
      - traefik.http.routers.traefik-rtr.service= "api@internal"
      - traefik.http.routers.traefik-rtr.rule= "Host(`traefik.${DOMAIN}`)"
      - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme= "https"
    ports:
      - 80:80
      - 443:443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock  # So that Traefik can listen to the Docker events
      - /var/traefik/acme.json:/acme.json:rw
      - /var/traefik/FileProvider/:/FileProvider
      - /var/traefik/traefik.log:/traefik.log:rw
    restart: unless-stopped


# =============================================================
#
#	WHOAMI - test webserver
#
# =============================================================

  whoami:
    image: containous/whoami
    container_name: whoami
    labels:
      - traefik.enable=true
      - traefik.http.routers.whoami.rule=Host(`whoami.${DOMAIN}`)
      - traefik.http.routers.whoami.entrypoints=web-secure
      - traefik.http.routers.whoami.tls.certresolver=certificato
      - traefik.http.routers.whoami.tls.domains[0].main=.${DOMAIN}

configuration file for traefik : traefik.toml


################################################################
#         >>>>>>>>>>>          providers!       ԅ(≖‿≖ԅ)        #
################################################################
[providers]
  [providers.docker]
    endpoint = "unix:///var/run/docker.sock"
    exposedbydefault = false
    defaultRule = "Host(`${DOMAIN}`)"
[api]
  debug = true
  dashboard = true

################################################################
#         >>>>>>>>>>>        entrypoints!        (҂◡_◡)        #
################################################################

[entrypoints.web-insecure]
  address = ":80"
  [entrypoints.web-insecure.http.redirect-to-https]
    [entrypoints.web-insecure.http.redirect-to-https.entryPoint]
      to = "web-secure"
      scheme = "https"
      permanent = true

#----#
[entrypoints.tcp-nats]
  address = ":4222"

#----#
[entrypoints.web-secure]
  address = ":443"
  [entrypoints.web-secure.http.tls]
    [[entrypoints.web-secure.http.tls.domains]]
      main = "srv.xxx.com"
      sans = ["traefik.srv.xxx.com", 
         	"rmm.srv.xxx.com",
		"mesh.srv.xxx.com",
		"api.srv.xxx.com"]


################################################################
#         >>>>>>>>>>>  routers! for dashboard!!    (⩾﹏⩽)      #
################################################################
[http]
  [http.routers]
    [http.routers.traefik-rtr]
      entrypoints = [ "web-secure" ]
      service = "api@internal"
      rule = "Host(`traefik.srv.xxx.com`) && ( PathPrefix(`/api`) || PathPrefix(`/dashboard`) )"
      [http.routers.traefik-rtr.tls]
        [[http.routers.traefik-rtr.tls.domain]]
	  main = "traefik.srv.xxx.com"

#----#
    [http.routers.http-catchall]
      entryPoints = ["web-insecure"]
      middlewares = ["redirect-to-https"]
      rule = "HostRegexp(`{host:.+}`"
      service = "nope"

################################################################
#         >>>>>>>>>>>    middlewares!         ᕦ(ò_óˇ)ᕤ         #
################################################################

[http.middleware]
  [http.middlewares.auth.basicAuth]
    users = ["welxxx:$2y$05$zJ5ip36xlUw.agQisUKyeONz08yubBScFQpRjLOeND13s9NXQkYzq"]

#----#
  [http.middlewares.redirect-to-https.redirectScheme]
    scheme = "https"

#----#
  [http.middlewares.remove-www-redirect.redirectregex]
    regex = "https://www.([a-zA-Z0-9.]+.?)+"
    replacement = "https://${1}"
    permanent = true



################################################################
#         >>>>>>>>>>>    services!            (u_u)            #
################################################################

[http.services]
  [http.services.nope.loadBalancer]  
    [http.services.nope.loadBalancer.servers]
      url = "http://127.0.0.1"



################################################################
#         >>>>>>>>>>>   AUTO SSL PLEASE WORK!                  #
################################################################
[certificatesresolvers.certificato.acme]
  email = "welxxx@xxx.com"
  storage = "acme.json"
  caServer = "https://acme-v02.api.letsencrypt.org/directory"
  [certificatesResolvers.certificato.acme.dnsChallenge]
    provider = "dyn"
    delayBeforeCheck = 0
    resolvers = "8.8.8.8:53"

configuration file for Meshcentral : app-mesh.toml

################################################################
#         >>>>>>>>>>>>>> routers  FOR MESH !!! (っ▀¯▀)つ       #
################################################################

[http.routers]
  [http.routers.mesh]
      entrypoints = ["web-secure"]
      rule = "Host(`mesh.srv.xxx.com`)"
      service = "mesh"
    [http.routers.mesh.tls]
      certResolver = "certificato"

################################################################
#         >>>>>>>>>>>>> services  FOR MESH !!! (っ▀¯▀)つ       #
################################################################


[http.services]
  [http.services.mesh]
    [http.services.mesh.loadBalancer]
      passHostHeader = true
      [[http.services.mesh.loadBalancer.servers]]
      url = "https://mesh.srv.xxx.com" 

configuration file for mesh agent : app-meshagent.toml

################################################################
#    >>>>>>> routers  !! for mesh agent !!    ฅ^-ﻌ-^ฅ          #
################################################################

[http.routers]
  [http.routers.meshcentral]
    entryPoints = ["web-secure"]
    rule = """Host(`mesh.srv.xxx.com`) &&
        	PathPrefix( `/agent.ashx`, `/meshrelay.ashx`, ) &&
        	Headers(`X-Forwarded-Proto`, `wss`) """
    service = "meshcentral"
  [http.routers.meshcentral.tls]
    certResolver = "certificato"

################################################################
#    >>>>>>> services  !! for mesh agent !!    ฅ^-ﻌ-^ฅ          #
################################################################

[http.services]
  [http.services.meshcentral]
    [http.services.meshcentral.loadBalancer]
    passHostHeader = true
    [[http.services.meshcentral.loadBalancer.servers]]
      url = "https://mesh.srv.xxx.com:4443" 

configuration file for nats : app-nats.toml

################################################################
# Routers                  FOR NATS API !!!                    #
################################################################

[tcp.routers.nats-api]
    entryPoints = [ "tcp-nats" ] 
    service = "nats-api"
    rule = "HostSNI(`*`)"

################################################################
# Services                 FOR NATS API !!!                    #
################################################################

[[tcp.services.nats-api.loadBalancer.servers]]
    address = "1xxxip:4222"

configuration file for Tactical RMM : app-rmm.toml

################################################################
#         >>>>>>>>>>>   router rules for RMM !    ᕙ(⇀‸↼)ᕗ      #
################################################################

[http.routers]
  [http.routers.rmm]
    entryPoints = ["web-secure"]
    rule = "Host(`rmm.srv.xxx.com`)"
    service = "rmm"
  [http.routers.rmm.tls]
    certResolver = "certificato"
    [[http.routers.rmm.tls.domains]]
      main = "rmm.srv.xxx.com"
    
[http.services]
  [http.services.rmm.loadBalancer]
    passHostHeader = true
    [[http.services.rmm.loadBalancer.servers]]
      url = "https://rmm.srv.xxx.com:4443"

configuration file for the TacticalRMM API

################################################################
# Routers
################################################################

# This router is used by the rmm.a8n.tools frontend and the agents.
[http.routers.tactical-api]
    entryPoints = [ "web-secure" ]
    service = "tactical-api"
    rule = "Host(`api.srv.xxx.com/`)"
    [http.routers.tactical-api.tls]
        certResolver = "certificato"

################################################################
# Services
################################################################

[[http.services.tactical-api.loadBalancer.servers]]
    url = "https://api.srv.xxx.com/"

I'd be really grateful for any help, advice, anything that could help me.
Thank you for giving me your time and attention.

To me it seems you are mixing Traefik command line arguments with configuration files, I don't think that will work. When you use --configFile everything else is disregarded in the command.

Hello,

the problem is here:

[entrypoints.web-insecure]
  address = ":80"
  [entrypoints.web-insecure.http.redirect-to-https]
    [entrypoints.web-insecure.http.redirect-to-https.entryPoint]
      to = "web-secure"
      scheme = "https"
      permanent = true

the right syntax:

[entrypoints.web-insecure]
  address = ":80"
  [entrypoints.web-insecure.http.redirections]
    [entrypoints.web-insecure.http.redirections.entryPoint]
      to = "web-secure"
      scheme = "https"
      permanent = true

redirections is not a name that you can change, because this is a field of a structure.

You can also remove this line.

      - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme= "https"

I also recommend not merging static and dynamic configurations in the same file.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.