Local subdomain for dashboard, doesn't work

Hello guys,

below is a docker-compose that I am trying to use: Ubuntu Pastebin
here are the logs that my traefik inside docker is producing: Ubuntu Pastebin
here is my dynamic.yaml file:

tls:
  options:
    default:
      minVersion: VersionTLS12
    mintls13:
      minVersion: VersionTLS13

  stores:
    default:
      defaultCertificate:
        certFile: /certs/local.crt
        keyFile: /certs/local.key

My problem is that when I am going to https://ubuntu.home, I am getting error 404, and I can see I am getting traefik certificate, so I know it does work. What is kinda unexpected, when I am going to https://traefik.ubuntu.home I am getting server doesn't exist, same goes for http://traefik.ubuntu.home. I am using my asus router with merlin as a dns provider to be able to use domain .home and by DHCP I assigned hostname of 'ubuntu',

What I am doing wrong, guys? Thank you a lot for all your help

Post the compose here please.

Docker compose:

version: "3"

services:
  traefik:
    image: traefik:latest
    restart: unless-stopped
    container_name: traefik
    ports:
      - "80:80" # <== http
      - "8080:8080" # <== :8080 is where the dashboard runs on
      - "443:443" # <== https
    command:
      - --api.insecure=true # <== Enabling insecure api, NOT RECOMMENDED FOR PRODUCTION
      - --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc.
      - --api.debug=true # <== Enabling additional endpoints for debugging and profiling
      - --log.level=DEBUG # <== Setting the level of the logs from traefik
      - --providers.docker=true # <== Enabling docker as the provider for traefik
      - --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik
      - --providers.file.filename=/dynamic.yaml # <== Referring to a dynamic configuration file
      - --providers.docker.network=web # <== Operate on the docker network named web
      - --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web
      - --entrypoints.web-secured.address=:443 # <== Defining an entrypoint for https on port :443 (not really needed)
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin
      - /etc/traefik/dynamic.yaml:/dynamic.yaml # <== Volume for dynamic conf file, **ref: line 27

    labels:
      - "traefik.enable=true" # <== Enable traefik on itself to view dashboard and assign subdomain to$
      - "traefik.http.routers.api.rule=Host(`traefik.test.home`)" # <== Setting the domain for the d$
      - "traefik.http.routers.api.service=api@internal" # <== Enabling the api to be a service to acce$
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"

networks:
  web:
    external: true

logs:

time="2022-07-23T19:16:48Z" level=info msg="Configuration loaded from flags."
time="2022-07-23T19:16:48Z" level=info msg="Traefik version 2.8.1 built on 2022-07-11T14:06:57Z"
time="2022-07-23T19:16:48Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"web-secured\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}}},\"providers\":{\"providersThrottleDuration\":\"2s\",\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"network\":\"web\",\"swarmModeRefreshSeconds\":\"15s\"},\"file\":{\"watch\":true,\"filename\":\"/dynamic.yaml\"}},\"api\":{\"insecure\":true,\"dashboard\":true,\"debug\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"},\"pilot\":{\"dashboard\":true}}"
time="2022-07-23T19:16:48Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2022-07-23T19:16:48Z" level=warning msg="Traefik Pilot is deprecated and will be removed soon. Please check our Blog for migration instructions later this year."
time="2022-07-23T19:16:48Z" level=info msg="Starting provider aggregator aggregator.ProviderAggregator"
time="2022-07-23T19:16:48Z" level=debug msg="Starting TCP Server" entryPointName=web
time="2022-07-23T19:16:48Z" level=debug msg="Starting TCP Server" entryPointName=web-secured
time="2022-07-23T19:16:48Z" level=info msg="Starting provider *file.Provider"
time="2022-07-23T19:16:48Z" level=debug msg="*file.Provider provider configuration: {\"watch\":true,\"filename\":\"/dynamic.yaml\"}"
time="2022-07-23T19:16:48Z" level=debug msg="Starting TCP Server" entryPointName=traefik
time="2022-07-23T19:16:48Z" level=info msg="Starting provider *traefik.Provider"
time="2022-07-23T19:16:48Z" level=debug msg="*traefik.Provider provider configuration: {}"
time="2022-07-23T19:16:48Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"api\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/api`)\",\"priority\":2147483646},\"dashboard\":{\"entryPoints\":[\"traefik\"],\"middlewares\":[\"dashboard_redirect@internal\",\"dashboard_stripprefix@internal\"],\"service\":\"dashboard@internal\",\"rule\":\"PathPrefix(`/`)\",\"priority\":2147483645},\"debug\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/debug`)\",\"priority\":2147483646}},\"services\":{\"api\":{},\"dashboard\":{},\"noop\":{}},\"middlewares\":{\"dashboard_redirect\":{\"redirectRegex\":{\"regex\":\"^(http:\\\\/\\\\/(\\\\[[\\\\w:.]+\\\\]|[\\\\w\\\\._-]+)(:\\\\d+)?)\\\\/$\",\"replacement\":\"${1}/dashboard/\",\"permanent\":true}},\"dashboard_stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/dashboard/\",\"/dashboard\"]}}},\"serversTransports\":{\"default\":{\"maxIdleConnsPerHost\":200}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=internal
time="2022-07-23T19:16:48Z" level=debug msg="No default certificate, generating one" tlsStoreName=default
time="2022-07-23T19:16:48Z" level=info msg="Starting provider *acme.ChallengeTLSALPN"
time="2022-07-23T19:16:48Z" level=debug msg="*acme.ChallengeTLSALPN provider configuration: {}"
time="2022-07-23T19:16:48Z" level=debug msg="Configuration received: {\"http\":{\"middlewares\":{\"redirect\":{\"redirectScheme\":{\"scheme\":\"https\"}}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=file
time="2022-07-23T19:16:48Z" level=info msg="Starting provider *docker.Provider"
time="2022-07-23T19:16:48Z" level=debug msg="*docker.Provider provider configuration: {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"network\":\"web\",\"swarmModeRefreshSeconds\":\"15s\"}"
time="2022-07-23T19:16:48Z" level=debug msg="Provider connection established with docker 20.10.17 (API 1.41)" providerName=docker
time="2022-07-23T19:16:48Z" level=warning msg="Could not find network named 'web' for container '/traefik'! Maybe you're missing the project's prefix in the label? Defaulting to first available network." providerName=docker container=traefik-traefik-7dbd9c11cede26fb279bfcd8535f7b3da641ce65b43e2e4728dbc60a34c27935 serviceName=traefik-traefik
time="2022-07-23T19:16:48Z" level=debug msg="Filtering disabled container" container=nextcloud-app-nextcloud-8b9e4f0c07331a6d08b53076f5ffeae29ed5cd99df872cc712f91b41221bd406 providerName=docker
time="2022-07-23T19:16:48Z" level=debug msg="Filtering disabled container" providerName=docker container=nextcloud-db-nextcloud-528aa428f60afc92b5aa3f4c594e4a753abae19efeca6cb95d2d880f43656802
time="2022-07-23T19:16:48Z" level=debug msg="Filtering disabled container" providerName=docker container=tunnels-9b9da27ae201a57cc1048f74852e2053b8b6cd4c642635a20451e60da6bc6510
time="2022-07-23T19:16:48Z" level=debug msg="Filtering disabled container" providerName=docker container=watchtower-7b0c7b7000208a7fb01ac60d0a80e07ef41f9bc3e449cfc394df090496505dc7
time="2022-07-23T19:16:48Z" level=debug msg="Filtering disabled container" providerName=docker container=portainer-01d01f3a1bd9082cae7e9bdcb12321f556a1bfb44bcd5b0903e9da8d66f47aae
time="2022-07-23T19:16:48Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"api\":{\"service\":\"api@internal\",\"rule\":\"Host(`traefik.test.home`)\"},\"traefik\":{\"entryPoints\":[\"http\"],\"service\":\"traefik-traefik\",\"rule\":\"Host(`traefik-traefik`)\"}},\"services\":{\"traefik-traefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.21.0.2:80\"}],\"passHostHeader\":true}}},\"middlewares\":{\"traefik-https-redirect\":{\"redirectScheme\":{\"scheme\":\"https\"}}}},\"tcp\":{},\"udp\":{}}" providerName=docker
time="2022-07-23T19:16:48Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=debug@internal middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-23T19:16:48Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareType=TracingForwarder entryPointName=traefik routerName=api@internal middlewareName=tracing
time="2022-07-23T19:16:48Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" entryPointName=traefik routerName=dashboard@internal middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" routerName=dashboard@internal middlewareType=StripPrefix middlewareName=dashboard_stripprefix@internal entryPointName=traefik
time="2022-07-23T19:16:48Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex
time="2022-07-23T19:16:48Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
time="2022-07-23T19:16:48Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=traefik
time="2022-07-23T19:16:48Z" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [web web-secured]" routerName=api
time="2022-07-23T19:16:48Z" level=debug msg="No default certificate, generating one" tlsStoreName=default
time="2022-07-23T19:16:48Z" level=error msg="entryPoint \"http\" doesn't exist" routerName=traefik@docker entryPointName=http
time="2022-07-23T19:16:48Z" level=error msg="no valid entryPoint for this router" routerName=traefik@docker
time="2022-07-23T19:16:48Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=debug@internal middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-23T19:16:48Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareType=TracingForwarder entryPointName=traefik routerName=api@internal middlewareName=tracing
time="2022-07-23T19:16:48Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareName=tracing entryPointName=traefik routerName=dashboard@internal middlewareType=TracingForwarder
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareType=StripPrefix middlewareName=dashboard_stripprefix@internal
time="2022-07-23T19:16:48Z" level=debug msg="Adding tracing to middleware" routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal entryPointName=traefik
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex
time="2022-07-23T19:16:48Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex
time="2022-07-23T19:16:48Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2022-07-23T19:16:48Z" level=debug msg="Added outgoing tracing middleware api@internal" routerName=api@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=web
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=web
time="2022-07-23T19:16:48Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=web-secured middlewareName=traefik-internal-recovery
time="2022-07-23T19:17:57Z" level=debug msg="Serving default certificate for request: \"test.home\""
time="2022-07-23T19:17:57Z" level=debug msg="http: TLS handshake error from 192.168.50.250:33580: remote error: tls: bad certificate"
time="2022-07-23T19:17:59Z" level=debug msg="Serving default certificate for request: \"test.home\""

Your router is configured for Host(`traefik.test.home`) so you would get a 404 for https://traefik.ubuntu.home as there is no route configured.

It's not that I was just trying to check if the problem is not with router, but it's not that. I updated docker-compose with ubuntu.home back after it but forgot to post correct one here.

Here are correct docker-compose and logs for ubuntu.home:

version: "3"

services:
  traefik:
    image: traefik:latest
    restart: unless-stopped
    container_name: traefik
    ports:
      - "80:80" # <== http
      - "8080:8080" # <== :8080 is where the dashboard runs on
      - "443:443" # <== https
    command:
      - --api.insecure=true # <== Enabling insecure api, NOT RECOMMENDED FOR PRODUCTION
      - --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc.
      - --api.debug=true # <== Enabling additional endpoints for debugging and profiling
      - --log.level=DEBUG # <== Setting the level of the logs from traefik
      - --providers.docker=true # <== Enabling docker as the provider for traefik
      - --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik
      - --providers.file.filename=/dynamic.yaml # <== Referring to a dynamic configuration file
      - --providers.docker.network=web # <== Operate on the docker network named web
      - --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web
      - --entrypoints.web-secured.address=:443 # <== Defining an entrypoint for https on port :443 (not really needed)
      #- --certificatesresolvers.mytlschallenge.acme.tlschallenge=true # <== Enable TLS-ALPN-01 (not really needed)
      #- --certificatesresolvers.mytlschallenge.acme.email=you@youremail # <== Set your email (not really needed)
      #- --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json # <== SSL stuff we don't need.
    volumes:
      #- ./letsencrypt:/letsencrypt # <== Volume for certs (TLS) (not really needed)
      - /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin
      - /etc/traefik/dynamic.yaml:/dynamic.yaml # <== Volume for dynamic conf file, **ref: line 27

    labels:
      - "traefik.enable=true" # <== Enable traefik on itself to view dashboard and assign subdomain to$
      - "traefik.http.routers.api.rule=Host(`traefik.ubuntu.home`)" # <== Setting the domain for the d$
      - "traefik.http.routers.api.service=api@internal" # <== Enabling the api to be a service to acce$
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"

networks:
  web:
    external: true
time="2022-07-26T20:19:53Z" level=info msg="Configuration loaded from flags."
time="2022-07-26T20:19:53Z" level=info msg="Traefik version 2.8.1 built on 2022-07-11T14:06:57Z"
time="2022-07-26T20:19:53Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"web-secured\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}}},\"providers\":{\"providersThrottleDuration\":\"2s\",\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"network\":\"web\",\"swarmModeRefreshSeconds\":\"15s\"},\"file\":{\"watch\":true,\"filename\":\"/dynamic.yaml\"}},\"api\":{\"insecure\":true,\"dashboard\":true,\"debug\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"},\"pilot\":{\"dashboard\":true}}"
time="2022-07-26T20:19:53Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2022-07-26T20:19:53Z" level=warning msg="Traefik Pilot is deprecated and will be removed soon. Please check our Blog for migration instructions later this year."
time="2022-07-26T20:19:53Z" level=info msg="Starting provider aggregator aggregator.ProviderAggregator"
time="2022-07-26T20:19:53Z" level=debug msg="Starting TCP Server" entryPointName=web-secured
time="2022-07-26T20:19:53Z" level=debug msg="Starting TCP Server" entryPointName=web
time="2022-07-26T20:19:53Z" level=debug msg="Starting TCP Server" entryPointName=traefik
time="2022-07-26T20:19:53Z" level=info msg="Starting provider *file.Provider"
time="2022-07-26T20:19:53Z" level=debug msg="*file.Provider provider configuration: {\"watch\":true,\"filename\":\"/dynamic.yaml\"}"
time="2022-07-26T20:19:53Z" level=info msg="Starting provider *traefik.Provider"
time="2022-07-26T20:19:53Z" level=debug msg="*traefik.Provider provider configuration: {}"
time="2022-07-26T20:19:53Z" level=info msg="Starting provider *acme.ChallengeTLSALPN"
time="2022-07-26T20:19:53Z" level=debug msg="*acme.ChallengeTLSALPN provider configuration: {}"
time="2022-07-26T20:19:53Z" level=info msg="Starting provider *docker.Provider"
time="2022-07-26T20:19:53Z" level=debug msg="*docker.Provider provider configuration: {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"network\":\"web\",\"swarmModeRefreshSeconds\":\"15s\"}"
time="2022-07-26T20:19:53Z" level=debug msg="Configuration received: {\"http\":{\"middlewares\":{\"redirect\":{\"redirectScheme\":{\"scheme\":\"https\"}}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=file
time="2022-07-26T20:19:53Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"api\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/api`)\",\"priority\":2147483646},\"dashboard\":{\"entryPoints\":[\"traefik\"],\"middlewares\":[\"dashboard_redirect@internal\",\"dashboard_stripprefix@internal\"],\"service\":\"dashboard@internal\",\"rule\":\"PathPrefix(`/`)\",\"priority\":2147483645},\"debug\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/debug`)\",\"priority\":2147483646}},\"services\":{\"api\":{},\"dashboard\":{},\"noop\":{}},\"middlewares\":{\"dashboard_redirect\":{\"redirectRegex\":{\"regex\":\"^(http:\\\\/\\\\/(\\\\[[\\\\w:.]+\\\\]|[\\\\w\\\\._-]+)(:\\\\d+)?)\\\\/$\",\"replacement\":\"${1}/dashboard/\",\"permanent\":true}},\"dashboard_stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/dashboard/\",\"/dashboard\"]}}},\"serversTransports\":{\"default\":{\"maxIdleConnsPerHost\":200}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=internal
time="2022-07-26T20:19:53Z" level=debug msg="No default certificate, generating one" tlsStoreName=default
time="2022-07-26T20:19:53Z" level=debug msg="Provider connection established with docker 20.10.17 (API 1.41)" providerName=docker
time="2022-07-26T20:19:53Z" level=warning msg="Could not find network named 'web' for container '/traefik'! Maybe you're missing the project's prefix in the label? Defaulting to first available network." providerName=docker container=traefik-traefik-9cbadb6f9a283b141e5b3384731a8cfe6359bab90c1f1269ab7284e9a1d85def serviceName=traefik-traefik
time="2022-07-26T20:19:53Z" level=debug msg="Filtering disabled container" container=nextcloud-app-nextcloud-5121116637fd64e89f87b818c2e28ccc7b9e755a4f4f592d3c3de558d25c2d24 providerName=docker
time="2022-07-26T20:19:53Z" level=debug msg="Filtering disabled container" providerName=docker container=nextcloud-db-nextcloud-892c9205f3c089e310c1a2aedbeae273990abdf2090bc2a2603fd08e9cfabfa3
time="2022-07-26T20:19:53Z" level=debug msg="Filtering disabled container" providerName=docker container=tunnels-9b9da27ae201a57cc1048f74852e2053b8b6cd4c642635a20451e60da6bc6510
time="2022-07-26T20:19:53Z" level=debug msg="Filtering disabled container" providerName=docker container=watchtower-7b0c7b7000208a7fb01ac60d0a80e07ef41f9bc3e449cfc394df090496505dc7
time="2022-07-26T20:19:53Z" level=debug msg="Filtering disabled container" providerName=docker container=portainer-01d01f3a1bd9082cae7e9bdcb12321f556a1bfb44bcd5b0903e9da8d66f47aae
time="2022-07-26T20:19:53Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"api\":{\"service\":\"api@internal\",\"rule\":\"Host(`traefik.ubuntu.home`)\"},\"traefik\":{\"entryPoints\":[\"http\"],\"service\":\"traefik-traefik\",\"rule\":\"Host(`traefik-traefik`)\"}},\"services\":{\"traefik-traefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.21.0.2:80\"}],\"passHostHeader\":true}}},\"middlewares\":{\"traefik-https-redirect\":{\"redirectScheme\":{\"scheme\":\"https\"}}}},\"tcp\":{},\"udp\":{}}" providerName=docker
time="2022-07-26T20:19:53Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=api@internal
time="2022-07-26T20:19:53Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=dashboard@internal
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix
time="2022-07-26T20:19:53Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
time="2022-07-26T20:19:53Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2022-07-26T20:19:53Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2022-07-26T20:19:53Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=debug@internal middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2022-07-26T20:19:53Z" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [web web-secured]" routerName=api
time="2022-07-26T20:19:53Z" level=debug msg="No default certificate, generating one" tlsStoreName=default
time="2022-07-26T20:19:53Z" level=error msg="entryPoint \"http\" doesn't exist" routerName=traefik@docker entryPointName=http
time="2022-07-26T20:19:53Z" level=error msg="no valid entryPoint for this router" routerName=traefik@docker
time="2022-07-26T20:19:53Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=debug@internal
time="2022-07-26T20:19:53Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-26T20:19:53Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" routerName=dashboard@internal entryPointName=traefik middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" middlewareType=StripPrefix entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2022-07-26T20:19:53Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik
time="2022-07-26T20:19:53Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik
time="2022-07-26T20:19:53Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik middlewareName=dashboard_redirect@internal routerName=dashboard@internal
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2022-07-26T20:19:53Z" level=debug msg="Added outgoing tracing middleware api@internal" routerName=api@docker entryPointName=web middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2022-07-26T20:19:53Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=web-secured middlewareName=traefik-internal-recovery
time="2022-07-26T20:21:38Z" level=debug msg="Serving default certificate for request: \"ubuntu.home\""
time="2022-07-26T20:21:38Z" level=debug msg="http: TLS handshake error from 192.168.50.11:59622: remote error: tls: bad certificate"
    labels:
      - "traefik.enable=true" # <== Enable traefik on itself to view dashboard and assign subdomain to$
      - "traefik.http.routers.api.rule=Host(`traefik.ubuntu.home`)" # <== Setting the domain for the d$
      - "traefik.http.routers.api.service=api@internal" # <== Enabling the api to be a service to acce$

So far so good. router named api with a host rule and a service.

      - "traefik.http.routers.traefik.entrypoints=http"

This is a new router traefik with an entrypoint named http. http was not defined. You defined web and web-secured

      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"

a new middleware traefik-https-redirect is defined but is not referenced by any routers.


What you're looking to do is more like the below, but even then if you're going to use https everywhere it can be simpler by using the entrypoint redirect.

    labels:
      - "traefik.enable=true" 
      - "traefik.http.routers.api.rule=Host(`traefik.ubuntu.home`)" 
      - "traefik.http.routers.api.service=api@internal" 
      - "traefik.http.routers.api.entrypoints=web-secured"
      - "traefik.http.routers.api.tls=true"
      - "traefik.http.routers.api-redir.entrypoints=web"
      - "traefik.http.routers.api-redir.rule=Host(`traefik.ubuntu.localhost`)"
      - "traefik.http.routers.api-redir.middlewares=traefik-https-redirect"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"

By using entrypoint redirection and Setting TLS on the entrypoint you can end up with a more succinct:

    labels:
      - "traefik.enable=true" 
      - "traefik.http.routers.api.rule=Host(`traefik.ubuntu.home`)" 
      - "traefik.http.routers.api.service=api@internal" 

So here is my docker-compose right now:

version: "3"

services:
  traefik:
    image: traefik:latest
    restart: unless-stopped
    container_name: traefik
    ports:
      - "80:80" # <== http
      - "8080:8080" # <== :8080 is where the dashboard runs on
      - "443:443" # <== https
    command:
      - --api.insecure=true # <== Enabling insecure api, NOT RECOMMENDED FOR PRODUCTION
      - --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc.
      - --api.debug=true # <== Enabling additional endpoints for debugging and profiling
      - --log.level=DEBUG # <== Setting the level of the logs from traefik
      - --providers.docker=true # <== Enabling docker as the provider for traefik
      - --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik
      - --providers.file.filename=/dynamic.yaml # <== Referring to a dynamic configuration file
      - --providers.docker.network=web # <== Operate on the docker network named web
      - --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web
      - --entrypoints.web-secured.address=:443 # <== Defining an entrypoint for https on port :443 (not really needed)
      #- --certificatesresolvers.mytlschallenge.acme.tlschallenge=true # <== Enable TLS-ALPN-01 (not really needed)
      #- --certificatesresolvers.mytlschallenge.acme.email=you@youremail # <== Set your email (not really needed)
      #- --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json # <== SSL stuff we don't need.
    volumes:
      #- ./letsencrypt:/letsencrypt # <== Volume for certs (TLS) (not really needed)
      - /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin
      - /etc/traefik/dynamic.yaml:/dynamic.yaml # <== Volume for dynamic conf file, **ref: line 27


    labels:
      - "traefik.enable=true" 
      - "traefik.http.routers.api.rule=Host(`traefik.ubuntu.home`)" 
      - "traefik.http.routers.api.service=api@internal" 

networks:
  web:
    external: true

logs:

time="2022-07-27T19:41:45Z" level=info msg="Configuration loaded from flags."
time="2022-07-27T19:41:45Z" level=info msg="Traefik version 2.8.1 built on 2022-07-11T14:06:57Z"
time="2022-07-27T19:41:45Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"web-secured\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}}},\"providers\":{\"providersThrottleDuration\":\"2s\",\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"network\":\"web\",\"swarmModeRefreshSeconds\":\"15s\"},\"file\":{\"watch\":true,\"filename\":\"/dynamic.yaml\"}},\"api\":{\"insecure\":true,\"dashboard\":true,\"debug\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"},\"pilot\":{\"dashboard\":true}}"
time="2022-07-27T19:41:45Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2022-07-27T19:41:45Z" level=warning msg="Traefik Pilot is deprecated and will be removed soon. Please check our Blog for migration instructions later this year."
time="2022-07-27T19:41:45Z" level=info msg="Starting provider aggregator aggregator.ProviderAggregator"
time="2022-07-27T19:41:45Z" level=debug msg="Starting TCP Server" entryPointName=web-secured
time="2022-07-27T19:41:45Z" level=debug msg="Starting TCP Server" entryPointName=web
time="2022-07-27T19:41:45Z" level=debug msg="Starting TCP Server" entryPointName=traefik
time="2022-07-27T19:41:45Z" level=info msg="Starting provider *file.Provider"
time="2022-07-27T19:41:45Z" level=debug msg="*file.Provider provider configuration: {\"watch\":true,\"filename\":\"/dynamic.yaml\"}"
time="2022-07-27T19:41:45Z" level=info msg="Starting provider *traefik.Provider"
time="2022-07-27T19:41:45Z" level=debug msg="*traefik.Provider provider configuration: {}"
time="2022-07-27T19:41:45Z" level=info msg="Starting provider *acme.ChallengeTLSALPN"
time="2022-07-27T19:41:45Z" level=debug msg="*acme.ChallengeTLSALPN provider configuration: {}"
time="2022-07-27T19:41:45Z" level=info msg="Starting provider *docker.Provider"
time="2022-07-27T19:41:45Z" level=debug msg="*docker.Provider provider configuration: {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"network\":\"web\",\"swarmModeRefreshSeconds\":\"15s\"}"
time="2022-07-27T19:41:45Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"api\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/api`)\",\"priority\":2147483646},\"dashboard\":{\"entryPoints\":[\"traefik\"],\"middlewares\":[\"dashboard_redirect@internal\",\"dashboard_stripprefix@internal\"],\"service\":\"dashboard@internal\",\"rule\":\"PathPrefix(`/`)\",\"priority\":2147483645},\"debug\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/debug`)\",\"priority\":2147483646}},\"services\":{\"api\":{},\"dashboard\":{},\"noop\":{}},\"middlewares\":{\"dashboard_redirect\":{\"redirectRegex\":{\"regex\":\"^(http:\\\\/\\\\/(\\\\[[\\\\w:.]+\\\\]|[\\\\w\\\\._-]+)(:\\\\d+)?)\\\\/$\",\"replacement\":\"${1}/dashboard/\",\"permanent\":true}},\"dashboard_stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/dashboard/\",\"/dashboard\"]}}},\"serversTransports\":{\"default\":{\"maxIdleConnsPerHost\":200}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=internal
time="2022-07-27T19:41:45Z" level=debug msg="Configuration received: {\"http\":{\"middlewares\":{\"redirect\":{\"redirectScheme\":{\"scheme\":\"https\"}}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=file
time="2022-07-27T19:41:45Z" level=debug msg="No default certificate, generating one" tlsStoreName=default
time="2022-07-27T19:41:45Z" level=debug msg="Provider connection established with docker 20.10.17 (API 1.41)" providerName=docker
time="2022-07-27T19:41:45Z" level=warning msg="Could not find network named 'web' for container '/traefik'! Maybe you're missing the project's prefix in the label? Defaulting to first available network." providerName=docker container=traefik-traefik-90498093ff690b79d58179ccd7a6044c5004d79508d8eb65e6c1448fa4546b0d serviceName=traefik-traefik
time="2022-07-27T19:41:45Z" level=debug msg="Filtering disabled container" providerName=docker container=portainer-b8104710accb8e332d3655d52edfa9f72083f84b7445c24ec5b8e08d646264cd
time="2022-07-27T19:41:45Z" level=debug msg="Filtering disabled container" providerName=docker container=nextcloud-app-nextcloud-5121116637fd64e89f87b818c2e28ccc7b9e755a4f4f592d3c3de558d25c2d24
time="2022-07-27T19:41:45Z" level=debug msg="Filtering disabled container" providerName=docker container=nextcloud-db-nextcloud-892c9205f3c089e310c1a2aedbeae273990abdf2090bc2a2603fd08e9cfabfa3
time="2022-07-27T19:41:45Z" level=debug msg="Filtering disabled container" providerName=docker container=tunnels-9b9da27ae201a57cc1048f74852e2053b8b6cd4c642635a20451e60da6bc6510
time="2022-07-27T19:41:45Z" level=debug msg="Filtering disabled container" providerName=docker container=watchtower-7b0c7b7000208a7fb01ac60d0a80e07ef41f9bc3e449cfc394df090496505dc7
time="2022-07-27T19:41:45Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"api\":{\"service\":\"api@internal\",\"rule\":\"Host(`traefik.ubuntu.home`)\"}},\"services\":{\"traefik-traefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.21.0.2:80\"}],\"passHostHeader\":true}}}},\"tcp\":{},\"udp\":{}}" providerName=docker
time="2022-07-27T19:41:45Z" level=debug msg="Added outgoing tracing middleware api@internal" routerName=debug@internal middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik
time="2022-07-27T19:41:45Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-27T19:41:45Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" routerName=dashboard@internal entryPointName=traefik middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix entryPointName=traefik
time="2022-07-27T19:41:45Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2022-07-27T19:41:45Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
time="2022-07-27T19:41:45Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=traefik
time="2022-07-27T19:41:45Z" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [web web-secured]" routerName=api
time="2022-07-27T19:41:45Z" level=debug msg="No default certificate, generating one" tlsStoreName=default
time="2022-07-27T19:41:45Z" level=debug msg="Added outgoing tracing middleware api@internal" routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik
time="2022-07-27T19:41:45Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareType=TracingForwarder middlewareName=tracing entryPointName=traefik routerName=dashboard@internal
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" routerName=dashboard@internal entryPointName=traefik middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix
time="2022-07-27T19:41:45Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_stripprefix@internal entryPointName=traefik routerName=dashboard@internal
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2022-07-27T19:41:45Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex
time="2022-07-27T19:41:45Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2022-07-27T19:41:45Z" level=debug msg="Added outgoing tracing middleware api@internal" routerName=debug@internal entryPointName=traefik middlewareName=tracing middlewareType=TracingForwarder
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=traefik
time="2022-07-27T19:41:45Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=web routerName=api@docker
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" entryPointName=web middlewareType=Recovery middlewareName=traefik-internal-recovery
time="2022-07-27T19:41:45Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=web-secured middlewareName=traefik-internal-recovery
time="2022-07-27T19:42:10Z" level=debug msg="Serving default certificate for request: \"ubuntu.home\""
time="2022-07-27T19:42:10Z" level=debug msg="http: TLS handshake error from 192.168.50.11:58046: remote error: tls: bad certificate"
time="2022-07-27T19:42:55Z" level=debug msg="Serving default certificate for request: \"ubuntu.home\""
time="2022-07-27T19:42:55Z" level=debug msg="http: TLS handshake error from 192.168.50.11:39778: remote error: tls: bad certificate"
time="2022-07-27T19:42:58Z" level=debug msg="Serving default certificate for request: \"ubuntu.home\""

when I am accessing https://traefik.ubuntu.home I am still getting server not found

You took the succinct label set without actually setting up entrypoint redirection and TLS on the entrypoint.

Go back and read my previous reply again, there are two options there. One is basically a drop in replacement the other requires more reading and configuration.

Thank you very much for help. Problem was on my DNS. I needed to add *.ubuntu.home to point to my server. For future people who are reading it and using adguard home with their merlin-asus. Asus itself doesn't do it :slight_smile: you need to do it in your adguard home :wink:

1 Like