Hi there,
we've setup traefik with letsencrypt using http challenge: this part is working like a charm.
We're now also trying to make sure that all http traffic is redirected to https and for some reason, we cannot get this to work. We're only using docker-compose.yml
.
Our setup is as follows:
version: "3.3"
services:
traefik:
image: "traefik:v2.5.1"
container_name: "traefik"
restart: unless-stopped
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver.acme.email=xgr@example.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
network_mode: "host"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
whoami:
image: "traefik/whoami"
container_name: "simple-service"
labels:
- traefik.enable=true
- traefik.http.middlewares.mywebserver-redirect-websecure.redirectscheme.scheme=https
- traefik.http.routers.mywebserver-web.middlewares=mywebserver-redirect-websecure
- traefik.http.routers.mywebserver-web.rule=Host(`foobar.example.com`)
- traefik.http.routers.mywebserver-web.entrypoints=web
- traefik.http.routers.mywebserver-websecure.rule=Host(`foobar.example.com`)
- traefik.http.routers.mywebserver-websecure.tls.certresolver=myresolver
- traefik.http.routers.mywebserver-websecure.tls=true
- traefik.http.routers.mywebserver-websecure.entrypoints=websecure
- traefik.http.services.mywebserver-websecure.loadbalancer.server.port=80
When we navigate to https://foorbar.example.com, we get to see the expected output. If we however navigate to http://foobar.example.com, the request in chrome developer tools is first pending but then times out.
What are we doing wrong?
Edit: I also tried to add global redirection in the traefik service itself but this results in the same behaviour. See yaml below:
command:
- "--providers.docker"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
- "--entrypoints.websecure.address=:443"