Hi all,
I can’t find the reason why this middleware isn’t being detected. Even the DEBUG log doesn’t show me any additional information. Can someone give me a hint?
Here’s the error message from the log:
```
2024-10-31T16:06:36+01:00 ERR error="middleware "cloudflarewarp@file" does not exist" entryPointName=http routerName=http-to-https@internal
```
traefik/traefik.yml
```yaml
global:
  checkNewVersion: true
  sendAnonymousUsage: false
serversTransport:
  insecureSkipVerify: true
entryPoints:
  http:
    address: :80
    http:
      middlewares:
        - "crowdsec@file"
        - "cloudflarewarp@file"
      redirections:
        entryPoint:
          to: https
          scheme: https
    forwardedHeaders:
      trustedIPs: &trustedIps
        - 172.18.254.252/32
        - 172.19.254.252/32
        # Start of Cloudflare public IP list for HTTP requests, remove this if you don't use it
        - 173.245.48.0/20
        - 103.21.244.0/22
        - 103.22.200.0/22
        - 103.31.4.0/22
        - 141.101.64.0/18
        - 108.162.192.0/18
        - 190.93.240.0/20
        - 188.114.96.0/20
        - 197.234.240.0/22
        - 198.41.128.0/17
        - 162.158.0.0/15
        - 104.16.0.0/13
        - 104.24.0.0/14
        - 172.64.0.0/13
        - 131.0.72.0/22
        - 2400:cb00::/32
        - 2606:4700::/32
        - 2803:f800::/32
        - 2405:b500::/32
        - 2405:8100::/32
        - 2a06:98c0::/29
        - 2c0f:f248::/32
        # End of Cloudflare public IP list
  https:
    address: :443
    forwardedHeaders:
      # Reuse the list of Cloudflare trusted IPs above for HTTPS requests
      trustedIPs: *trustedIps
    http:
      tls:
        certResolver: letsencrypt
        domains:
          - main: mydomain.com
            sans:
              - '*.mydomain.com'
      middlewares:
        - securityHeaders@file
        - crowdsec@file
        - cloudflarewarp@file
providers:
  providersThrottleDuration: 2s
  file:
    filename: /etc/traefik/config/fileConfig.yml
    watch: true
  docker:
    watch: true
    network: backend # Add Your Docker Network Name Here
    defaultRule: "Host(`{{ lower (trimPrefix `/` .Name )}}.mydomain.com`)" # Replace with your domain
    exposedByDefault: false
api:
  dashboard: true
  insecure: true
log:
  level: INFO
certificatesResolvers:
  letsencrypt:
    acme:
      email: auth@mydomain.com
      storage: /etc/traefik/acme.json
      dnsChallenge:
        provider: cloudflare
        # Used to make sure the DNS challenge is propagated to the right DNS servers
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"
experimental:
  plugins:
    cloudflarewarp:
      modulename: github.com/BetterCorp/cloudflarewarp
      version: v1.3.3
    bouncer:
      moduleName: github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin
      version: v1.3.3
```
traefik/config/fileConfig.yml
```yaml
http:
  routers:
    # Homeassistant routing - Remove if not used
    # homeassistant:
    #   entryPoints:
    #     - https
    #   rule: 'Host(`homeassistant.domain.com`)'
    #   service: homeassistant
    #   middlewares:
    #     - "auth"
  services:
    # Homeassistant service - Remove if not used
    # homeassistant:
    #   loadBalancer:
    #     servers:
    #       - url: http://192.168.60.5:8123/
  middlewares:
    # Authelia guard
    # auth:
    #   forwardauth:
    #     address: http://auth:9091/api/verify?rd=https://auth.domain.com/ # replace auth with your authelia container name
    #     trustForwardHeader: true
    #     authResponseHeaders:
    #       - Remote-User
    #       - Remote-Groups
    #       - Remote-Name
    #       - Remote-Email
    # Security headers
    securityHeaders:
      headers:
        customResponseHeaders:
          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
          X-Forwarded-Proto: "https"
          server: ""
        customRequestHeaders:
          X-Forwarded-Proto: "https"
        sslProxyHeaders:
          X-Forwarded-Proto: "https"
        referrerPolicy: "same-origin"
        hostsProxyHeaders:
          - "X-Forwarded-Host"
        contentTypeNosniff: true
        browserXssFilter: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsSeconds: 63072000
        stsPreload: true
    default-headers:
      headers:
        frameDeny: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15552000
        customFrameOptionsValue: SAMEORIGIN
        customRequestHeaders:
          X-Forwarded-Proto: https
    crowdsec:
      plugin:
        bouncer:
          enabled: true
          logLevel: INFO
          updateIntervalSeconds: 15
          updateMaxFailure: 0
          defaultDecisionSeconds: 15
          httpTimeoutSeconds: 10
          crowdsecMode: stream
          crowdsecAppsecEnabled: true
          crowdsecAppsecHost: crowdsec:7422
          crowdsecAppsecFailureBlock: true
          crowdsecAppsecUnreachableBlock: true
          crowdsecLapiKey: #################key#################
          crowdsecLapiHost: crowdsec:8080
          crowdsecLapiScheme: http
          forwardedHeadersTrustedIPs:
            - 172.18.254.252/32
            - 172.19.254.252/32
            - 172.18.254.253/32
            - 172.19.254.253/32
          clientTrustedIPs:
            - 172.18.0.0/16
            - 172.19.0.0/16
    cloudflarewarp:
      plugin:
        cloudflarewarp:
          disableDefault: false
          trustip:
            - "2400:cb00::/32"
    default-whitelist:
      ipWhiteList:
        sourceRange:
          - "10.0.0.0/8"
          - "192.168.0.0/16"
          - "127.0.0.1/32"
    secured:
      chain:
        middlewares:
          - default-whitelist
          - default-headers
# Only use secure ciphers - https://ssl-config.mozilla.org/#server=traefik&version=2.6.0&config=intermediate&guideline=5.6
tls:
  options:
    default:
      minVersion: VersionTLS12
      cipherSuites:
        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
```
If I completely remove Cloudflare Warp, then it can’t find CrowdSec anymore...