I have run into a wall trying to get this configured. I'm trying to use a traefik docker container to act as a reverse proxy + load balancer for some physical servers. We went with traefik because our need to do this for docker containers in the future will grow.
I'm trying to get it to pass through to an internal server that uses https. I think I'm getting close however I'm getting stuck now where it says "No default certificate, generating one" then doesn't load the file provider.
docker-compose.yml:
version: "3.3"
services:
traefik:
image: "traefik:v2.0"
container_name: "traefik"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock
- /mnt/docker/containers/etraefik/toml:/etc/traefik
traefik.toml:
[log]
level = "DEBUG"
[api]
insecure = "true"
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[providers]
docker = "true"
[docker]
exposedbydefault = "false"
[file]
directory = "/etc/traefik/config"
watch = "true"
[TLSOptions]
[TLSOptions.mintls12]
MinVersion = "VersionTLS12"
sniStrict = true
[TLSOptions.default]
MinVersion = "VersionTLS13"
sniStrict = true
[tls.certificates]
certFile = "/etc/traefik/config/domain.com.crt"
keyFile = "/etc/traefik/config/domain.com.key"
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "/etc/traefik/config/domain.com.crt"
keyFile = "/etc/traefik/config/domain.com.key"
/etc/traefik/config/application.toml:
[http]
[http.routers]
# Define a connection between requests and services
[http.routers.application-http]
rule = "Host(`application.domain.com`)"
# If the rule matches, forward to the application service (declared below)
service = "application"
entryPoints = "http"
[http.routers.application-https]
rule = "Host(`application.domain.com`)
entryPoints = "https"
service = "application"
tls = true
[tls]
options = "default@file"
[http.services]
# Define how to reach an existing service on our infrastructure
[http.services.application.loadBalancer]
passHostHeader = true
[[http.services.application.loadBalancer.servers]]
url = "https://internalserver.domain.com"
OUTPUT LOG:
Starting traefik ... done
Attaching to traefik
traefik | time="2019-09-24T14:03:20Z" level=info msg="Configuration loaded from file: /etc/traefik/traefik.toml"
traefik | time="2019-09-24T14:03:20Z" level=info msg="Traefik version 2.0.0 built on 2019-09-16T17:35:17Z"
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"http\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"https\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}}},\"providers\":{\"providersThrottleDuration\":2000000000,\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"exposedByDefault\":true,\"swarmModeRefreshSeconds\":15000000000}},\"api\":{\"insecure\":true,\"dashboard\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"}}"
traefik | time="2019-09-24T14:03:20Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/v2.0/contributing/data-collection/\n"
traefik | time="2019-09-24T14:03:20Z" level=debug msg="No default certificate, generating one"
traefik | time="2019-09-24T14:03:20Z" level=info msg="Starting provider aggregator.ProviderAggregator {}"
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Start TCP Server" entryPointName=http
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Start TCP Server" entryPointName=https
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Start TCP Server" entryPointName=traefik
traefik | time="2019-09-24T14:03:20Z" level=info msg="Starting provider *docker.Provider {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"exposedByDefault\":true,\"swarmModeRefreshSeconds\":15000000000}"
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Provider connection established with docker 19.03.2 (API 1.40)" providerName=docker
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"traefik_etraefik\":{\"service\":\"traefik_etraefik\",\"rule\":\"Host(`traefik-etraefik`)\"}},\"services\":{\"traefik_etraefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://192.168.80.2:80\"}],\"passHostHeader\":true}}}},\"tcp\":{}}" providerName=docker
traefik | time="2019-09-24T14:03:20Z" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [http https traefik]" routerName=traefik_etraefik@docker
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Creating middleware" middlewareName=pipelining middlewareType=Pipelining entryPointName=http routerName=traefik_etraefik@docker serviceName=traefik_etraefik
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Creating load-balancer" entryPointName=http routerName=traefik_etraefik@docker serviceName=traefik_etraefik
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Creating server 0 http://192.168.80.2:80" serviceName=traefik_etraefik entryPointName=http routerName=traefik_etraefik@docker serverName=0
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Added outgoing tracing middleware traefik_etraefik" entryPointName=http middlewareType=TracingForwarder middlewareName=tracing routerName=traefik_etraefik@docker
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=https middlewareName=traefik-internal-recovery
traefik | time="2019-09-24T14:03:20Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=traefik
traefik | time="2019-09-24T14:03:20Z" level=debug msg="No default certificate, generating one"