I can't access the traefik dashboard using a route

Traefik Traefik v2
1

I have a docker compose configuration that launches traefik alongside other services. I was able to correctly access each service in its routes, but I cannot access the traefik dashboard without using the insecure option and forwarding the port 8080.

My traefik service:

  traefik:
    networks:
      - proxy-internal
    image: traefik:v2.9
    container_name: traefik
    restart: unless-stopped
    environment:
      - CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
      - CLOUDFLARE_DNS_API_TOKEN=${CLOUDFLARE_DNS_API_TOKEN}
      - CLOUDFLARE_ZONE_API_TOKEN=${CLOUDFLARE_ZONE_API_TOKEN}
      - LETS_ENCRYPT_EMAIL=${LETS_ENCRYPT_EMAIL}
    command:
      # - --log.level=DEBUG
      - --api.dashboard=true
      # - --api.insecure=true
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      - --entrypoints.web.address=:80
      - --entrypoints.web-secure.address=:443
      - --entrypoints.web.http.redirections.entryPoint.to=web-secure
      - --entrypoints.web.http.redirections.entryPoint.scheme=https
      - --entrypoints.web.http.redirections.entrypoint.permanent=true
      - --experimental.plugins.rewrite-body.modulename=github.com/packruler/rewrite-body
      - --experimental.plugins.rewrite-body.version=v1.2.0
      - --experimental.plugins.rewriteHeaders.modulename=github.com/XciD/traefik-plugin-rewrite-headers
      - --experimental.plugins.rewriteHeaders.version=v0.0.3
      - --certificatesresolvers.myresolver.acme.dnschallenge=${DNS_CHALLENGE:-true}
      - --certificatesresolvers.myresolver.acme.dnschallenge.provider=${DNS_CHALLENGE_PROVIDER:-cloudflare}
      - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53
      - --certificatesresolvers.myresolver.acme.caserver=${LETS_ENCRYPT_CA_SERVER:-https://acme-v02.api.letsencrypt.org/directory}
      - --certificatesresolvers.myresolver.acme.email=${LETS_ENCRYPT_EMAIL}
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    labels:
      - traefik.enable=true
      # - traefik.http.routers.traefik.entrypoints=http
      - traefik.http.routers.traefik.rule=(Host(`local.${HOSTNAME}`) && PathPrefix(`/traefik`))
      - traefik.http.routers.traefik.tls=true
      - traefik.http.routers.traefik.tls.certresolver=myresolver
      # - traefik.http.services.traefik.loadbalancer.server.port=8080
      - traefik.http.routers.traefik-rtr.service=api@internal
    ports:
      - "80:80"
      - "443:443"
      # - "8080:8080"
    volumes:
      - ./docker-compose-nas/letsencrypt:/letsencrypt
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

Any suggestions on what am I doing wrong?

2

Traefik dashboard is listening on /dashboard/ and needs /api (doc), you can’t just use && PathPrefix(`/traefik`).

See simple Traefik example.