Hi here is my yaml rule file,
http:
routers:
1c-rtr:
rule: "Host(`{{env "DOMAINNAME_CLOUD_SERVER"}}`)"
entryPoints:
- https
# middlewares:
# - chain-no-auth
service: 1c-svc
tls:
certResolver: dns-cloudflare
# middlewares:
# pihole-rpi-add-admin:
# addPrefix:
# prefix: "/admin"
services:
1c-svc:
loadBalancer:
servers:
- url: "http://172.18.30.12:80"
I need to add EncodeQuerySemicolons option there, but when I edit it like
http:
routers:
1c-rtr:
rule: "Host(`{{env "DOMAINNAME_CLOUD_SERVER"}}`)"
entryPoints:
-web:
address: ":80"
http:
encodeQuerySemicolons: true
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ":443"
http:
encodeQuerySemicolons: true
# middlewares:
# - chain-no-auth
service: 1c-svc
tls:
certResolver: dns-cloudflare
# middlewares:
# pihole-rpi-add-admin:
# addPrefix:
# prefix: "/admin"
services:
1c-svc:
loadBalancer:
servers:
- url: "http://172.18.30.12:80"
Nothing happends at all, I get same result as before editing
According to doc:
entryPoints:
websecure:
address: ':443'
http:
encodeQuerySemicolons: true
Do you use a current Traefik version?
Yes, I use 2.10.1 version
POST /uat_300723/ru_RU/e1cib/login?version=8.3.23.1912&nooida&vl=ru&clnId=39b81356-e9b4-4b1c-a4d9-bd50125e9292 HTTP/2.0" 402 1357 "-" "-" 55969 "https-1c-rtr@file" "http://172.18.30.12:80" 93ms
172.18.30.254 - - [02/Nov/2023:11:55:09 +0000] "GET /uat_300723/ru_RU/e1cib/modules/defs?sysver=8.3.23.1912&confver=2aaf4c1a964aa14b87206cf5c187cbb600000000&id=urn:module:md:8170a27d-45e9-48b1-860b-c2d9cc5961cd@property=%27d5963243-262e-4398-b4d7-fb16d06484f6%27&version=%27d46db25be9f5be40a63e5a48358c9c0600000000%27 HTTP/2.0" 400 14827 "-" "-" 56035 "https-1c-rtr@file" "http://172.18.30.12:80" 66ms
172.18.30.254 - - [02/Nov/2023:11:55:16 +0000] "GET /uat_300723/ru_RU/e1cib/modules/defs?sysver=8.3.23.1912&confver=2aaf4c1a964aa14b87206cf5c187cbb600000000&id=urn:module:md:349d190a-4011-49f9-b3a0-5a88006b652c@property=%27d5963243-262e-4398-b4d7-fb16d06484f6%27&version=%27a4075e542624f442859e0e0594611b1f00000000%27 HTTP/2.0" 400 6673 "-" "-" 56093 "https-1c-rtr@file" "http://172.18.30.12:80" 97ms
172.18.30.254 - - [02/Nov/2023:11:55:17 +0000] "GET /uat_300723/ru_RU/e1cib/modules/defs?sysver=8.3.23.1912&confver=2aaf4c1a964aa14b87206cf5c187cbb600000000&id=urn:module:md:8170a27d-45e9-48b1-860b-c2d9cc5961cd@property=%27d5963243-262e-4398-b4d7-fb16d06484f6%27&version=%27d46db25be9f5be40a63e5a48358c9c0600000000%27 HTTP/2.0" 400 14827 "-" "-" 56118 "https-1c-rtr@file" "http://172.18.30.12:80" 43ms
I user CLI in docker-compose
# Traefik 2 - Reverse Proxy
traefik:
<<: *common-keys-core # See EXTENSION FIELDS at the top
container_name: traefik
image: traefik:latest
command: # CLI arguments
- --global.checkNewVersion=true
- --global.sendAnonymousUsage=true
- --entryPoints.http.address=:80
- --entryPoints.https.address=:443
# Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs: https://www.cloudflare.com/ips/
- --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/13,104.24.0.0/14,172.64.0.0/13,131.0.72.0/22
- --entryPoints.traefik.address=:8080
- --api=true
- --api.insecure=true
- --api.dashboard=true
# - --serversTransport.insecureSkipVerify=true
- --log=true
- --log.filePath=/logs/traefik.log
- --log.level=INFO # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
- --accessLog=true
- --accessLog.filePath=/logs/access.log
- --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
- --accessLog.filters.statusCodes=204-299,400-499,500-599
- --providers.docker=true
- --providers.docker.endpoint=unix:///var/run/docker.sock # Use Docker Socket Proxy instead for improved security
# - --providers.docker.endpoint=tcp://socket-proxy:2375 # Use this instead of the previous line if you have socket proxy.
- --providers.docker.exposedByDefault=false
- --entrypoints.https.http.tls.options=tls-opts@file
# Add dns-cloudflare as default certresolver for all services. Also enables TLS and no need to specify on individual services
- --entrypoints.https.http.tls.certresolver=dns-cloudflare
- --entrypoints.https.http.tls.domains[0].main=$DOMAINNAME_CLOUD_SERVER
- --entrypoints.https.http.tls.domains[0].sans=*.$DOMAINNAME_CLOUD_SERVER
- --entrypoints.https.http.tls.domains[1].main=$DOMAINNAME2 # Pulls main cert for second domain
- --entrypoints.https.http.tls.domains[1].sans=*.$DOMAINNAME2 # Pulls wildcard cert for second domain
- --entrypoints.https.http.tls.domains[1].main=$DOMAINNAME3 # Pulls main cert for third domain
- --entrypoints.https.http.tls.domains[1].sans=*.$DOMAINNAME3 # Pulls wildcard cert for third domain
- --providers.docker.network=t2_proxy
- --providers.docker.swarmMode=false
- --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory
# - --providers.file.filename=/path/to/file # Load dynamic configuration from a file
- --providers.file.watch=true # Only works on top level files in the rules folder
# - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
- --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
- --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.delayBeforeCheck=90 # To delay DNS check and reduce LE hitrate
When i add
--entrypoints.websecure.address=:443
--entrypoints.websecure.http.encodequerysemicolons=true
Traefik do not start at all
Strange, it seems to be a valid parameter according to Traefik static CLI reference.
You need to check on the desktop site if it’s really compatible with your current version (left bottom), I think the "default" doc might be v3.
Did you try adding only websecure with port?