HTTPS and TLS from one container

Traefik Traefik v2 (latest)
,
1

Is it even possible to serve HTTP and TCP from one container using TLS on both?

Right now the HTTPS works great, but I cannot connect to the TCP server (trying to use traefik to serve an MQTT broker over TLS). The error i get is "Error while connection to backend: dial tcp 192.168.0.4:1883: connect: connectiion refused". Here are my configs:

traefik.yaml:

api:
  insecure: true
  
log:
  level: DEBUG

providers:
  docker: {}

entryPoints:
  web:
    address: ":80"

  websecure:
    address: ":443"

  mqttsecure:
    address: ":8883"

certificatesResolvers:
  myresolver:
    acme:
      email: evanfeenstra@gmail.com
      storage: /letsencrypt/acme.json
      caServer: https://acme-v02.api.letsencrypt.org/directory
      dnsChallenge:
        provider: route53

docker-compose.yaml

version: '2'

services:
  reverse-proxy:
    # The official v2 Traefik docker image
    image: traefik:v2.2
    # Enables the web UI and tells Traefik to listen to docker
    # command: --configFile=/home/ec2-user/sphinx-deploy/traefik.yaml
    ports:
      # The HTTP port
      - 80:80
      # The Web UI (enabled by --api.insecure=true)
      - 8080:8080
      # entrypoints
      - 443:443
      - 8883:8883
    volumes:
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock
      - /home/ec2-user/sphinx-deploy/traefik.yaml:/etc/traefik/traefik.yaml
      - /home/ec2-user/letsencrypt:/letsencrypt
    environment: 
      - AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
      - AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
      - AWS_REGION=$AWS_REGION

  auth:
    image: sphinx-auth
    depends_on:
      - reverse-proxy
    ports:
      - "9090:9090"
    labels:
      - "traefik.http.routers.auth.rule=Host(`auth.docker.localhost`)"
    restart: on-failure

  tribes:
    image: sphinx-tribes
    depends_on:
      - auth
      - reverse-proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.tribes.rule=Host(`tribes.sphinx.chat`)"
      - "traefik.http.services.tribes.loadbalancer.server.port=5002"
      - "traefik.http.routers.tribes.tls=true"
      - "traefik.http.routers.tribes.tls.certresolver=myresolver"
      - "traefik.http.routers.tribes.entrypoints=websecure"
      - "traefik.tcp.routers.tribes.rule=HostSNI(`tribes.sphinx.chat`)"
      - "traefik.tcp.services.tribes.loadbalancer.server.port=1883"
      - "traefik.tcp.routers.tribes.tls=true"
      - "traefik.tcp.routers.tribes.tls.certresolver=myresolver"
      - "traefik.tcp.routers.tribes.entrypoints=mqttsecure"
      - "traefik.tcp.routers.tribes.service=tribes"
    restart: on-failure

Even if I remove the http router, i still cant connect to the tcp one

2

ok! i got it!

totally my bad, i was serving MQTT on "localhost" but switching it to "0.0.0.0" fixed it