Need help on http-https redirection

I am looking for help on http to https redirection in Traefik 2. The config files below, I run them on a Raspberry Pi docker swarm cluster. In the Traefik dashboard I see all as expected, but I am getting connection timeout when I try to open the example.com.

Thank you!

traefik.yml

version: "3.3"

networks:
  proxy:
    external: true
  
volumes:
  letsencrypt:
  
services:
  traefik:
    image: traefik:v2.2.1
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    command:
      - "--api.insecure=true" # set to 'false' on production
      - "--api.dashboard=true" # see https://docs.traefik.io/v2.0/operations/dashboard/#secure-mode for how to secure the dashboard
      - "--api.debug=true" # enable additional endpoints for debugging and profiling

      - "--accesslog=true"
      - "--accesslog.filepath=/var/log/traefik/traefik.log"
      - "--accesslog.bufferingsize=100"
      - "--log.level=DEBUG"

      - "--providers.docker=true"
      - "--providers.docker.endpoint=unix:///var/run/docker.sock"
      - "--providers.docker.swarmMode=true"
      - "--providers.docker.exposedByDefault=false"
      - "--providers.docker.network=proxy"

      - "--entrypoints.ep-http.address=:80"
      - "--entrypoints.ep-https.address=:443"

      - "--certificatesresolvers.certresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.certresolver.acme.httpchallenge.entrypoint=http"
      - "--certificatesresolvers.certresolver.acme.email=foo.bar@baz.com"
      - "--certificatesresolvers.certresolver.acme.storage=/letsencrypt/acme.json"
    volumes:
      - letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - proxy
    deploy:
      replicas: 1
      restart_policy:
        condition: any
        delay: 3s
      placement:
        constraints: 
          - node.role == manager

home.yml

version: "3.3"

networks:
  proxy:
    external: true
  internal:

services:
  home:
    image: foo/home:1.18-alpine
    networks:
      - proxy
    deploy:
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=proxy"    

        - "traefik.http.services.s-home.loadbalancer.server.scheme=https"
        - "traefik.http.services.s-home.loadbalancer.server.port=443"

        - "traefik.http.routers.r-home.rule=Host(`example.com`)"
        - "traefik.http.routers.r-home.entrypoints=ep-http"
        - "traefik.http.routers.r-home.middlewares=mw-redirect"
        - "traefik.http.middlewares.mw-redirect.redirectscheme.scheme=https"
        - "traefik.http.middlewares.mw-redirect.redirectscheme.port=443"
        - "traefik.http.middlewares.mw-redirect.redirectscheme.permanent=true"

        - "traefik.http.routers.r-home-https.service=s-home"
        - "traefik.http.routers.r-home-https.rule=Host(`example.com`)"
        - "traefik.http.routers.r-home-https.entrypoints=ep-https"
        - "traefik.http.routers.r-home-https.tls=true"
        - "traefik.http.routers.r-home-https.tls.certresolver=certresolver"

Is the foo/home image actually listening on 443 with tls?

Thanks a lot that should have been

- "traefik.http.services.s-home.loadbalancer.server.scheme=http"

indeed.

1 Like