HTTP => HTTPS RedirectScheme: Too many redirects

Hi,

I'm trying to do a HTTPS redirection but I get a Too Many redirects error.

The infrastructure:

  • AWS ELB
    -- listening on 80 and 443
    -- SSL Termination
    -- forwarding requests to a target group on port 80 HTTP
  • Target Group
    -- Docker Swarm with Traefik 2.0

Traefik Service:

version: "3.3"
services:
  traefik:
    image: traefik:2.1
    environment:
      - "TZ=America/Los_Angeles"
    command: 
      - "--providers.docker=true" 
      - "--providers.docker.swarmmode=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--log.level=INFO"
    ports:
      - "80:80"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - "traefik.enable=false"
    networks:
      - public-net

App Service:

vue:
    image: ${VUE_IMAGE}
    deploy:
      replicas: 2
      labels:
        - traefik.enable=true
        - "traefik.http.services.vue.loadbalancer.server.port=80"
        - "traefik.http.routers.vue.rule=Host(`${VUE_URI}`)"
        - "traefik.http.services.vue.loadbalancer.sticky=true"
        - "traefik.http.routers.vue.entrypoints=web"
        - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" 
        - "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true" 
        - "traefik.http.routers.vue.rule=hostregexp(`{host:.+}`)"  
        - "traefik.http.routers.vue.middlewares=redirect-to-https" 
        - "traefik.docker.network=traefik_public-net"
    networks:
      - traefik_public-net

Hello,

version: "3.3"
services:
  traefik:
    image: traefik:2.1
    environment:
      - "TZ=America/Los_Angeles"
    command: 
      - "--providers.docker=true"
      - "--providers.docker.swarmmode=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--log.level=INFO"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - "traefik.enable=false"
    networks:
      - public-net
  vue:
    image: ${VUE_IMAGE}
    deploy:
      replicas: 2
      labels:
      labels:
        traefik.enable: true
        traefik.docker.network: traefik_public-net
        
        traefik.http.routers.vue.rule: Host(`${VUE_URI}`)
        traefik.http.routers.vue.entrypoints: websecure
        
        traefik.http.services.vue.loadbalancer.server.port: 80
        traefik.http.services.vue.loadbalancer.sticky: true

        traefik.http.routers.catchall.rule: hostregexp(`{host:.+}`)
        traefik.http.routers.catchall.entrypoints: web
        traefik.http.routers.catchall.middlewares: redirect-to-https

        traefik.http.middlewares.redirect-to-https.redirectscheme.scheme: https
        traefik.http.middlewares.redirect-to-https.redirectscheme.permanent: true
    networks:
      - traefik_public-net

Thank you, but I got the same error.

I want to add that it was working in traefik 1.7 with this config:

labels:
        - "traefik.port=80"
        - "traefik.docker.network=traefik_public--net"
        - "traefik.frontend.rule=Host:${VUE_URI}"
        - "traefik.backend.loadbalancer.stickiness=true"
        - "traefik.frontend.headers.SSLProxyHeaders=X-Forwarded-Proto: https"
        - "traefik.frontend.headers.SSLRedirect=true"

After debugging, I found the solution:

Traefik Service

command: 
      - "--providers.docker=true" 
      - "--providers.docker.swarmmode=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entryPoints.web.forwardedHeaders.insecure" // <-- Added this to trust the forwarded headers information (X-Forwarded-*) from the ELB
      - "--log.level=INFO"
    ports:
      - "80:80"

App Service

labels:
        - traefik.enable=true
        - "traefik.http.services.vue.loadbalancer.server.port=80"
        - "traefik.http.routers.vue.entrypoints=web"
        - "traefik.http.routers.vue.rule=Host(`${VUE_URI}`)"
        - "traefik.http.routers.vue.middlewares=redirect-to-https"
        - "traefik.http.middlewares.redirect-to-https.headers.sslredirect=true"
        - "traefik.http.middlewares.redirect-to-https.headers.sslProxyHeaders.X-Forwarded-Proto=https"
        - "traefik.http.services.vue.loadbalancer.sticky=true"
        - "traefik.docker.network=traefik_public-net"
1 Like