Hello,
I have a mistake somewhere, but I haven't found it yet.
time="2023-07-06T11:13:41+03:00" level=info msg="Configuration loaded from file: /traefik.yml"
time="2023-07-06T11:13:41+03:00" level=error msg="Error while building configuration (for the first time): field not found, node: chain" providerName=file
my traefik.yml:
---
# Traefik static configuration (mounted into the container as /traefik.yml).
api:
  dashboard: true
  # NOTE(review): api.debug turns on Traefik's extra debugging/profiling
  # endpoints; switch it off once troubleshooting is finished.
  debug: true

entryPoints:
  # Plain-HTTP entry point: every request is redirected to the "https" one.
  http:
    address: ':80'
    http:
      redirections:
        entryPoint:
          to: 'https'
          scheme: 'https'
  https:
    address: ':443'

serversTransport:
  # NOTE(review): this disables certificate verification for EVERY backend
  # Traefik reaches over HTTPS, so a backend cannot be authenticated.
  # Prefer trusting the backend's CA (serversTransport.rootCAs) and leaving
  # verification on.
  insecureSkipVerify: true

providers:
  docker:
    endpoint: 'unix:///var/run/docker.sock'
    # Containers are only routed when they carry traefik.enable=true.
    exposedByDefault: false
  file:
    filename: '/config.yml'
    watch: true

certificatesResolvers:
  cloudflare:
    acme:
      email: 'toto@toto.com'
      # Holds the ACME account key and issued private keys; keep the host
      # file readable by its owner only (mode 600).
      storage: '/acme.json'
      dnsChallenge:
        provider: 'cloudflare'
        # Uncomment only if certificates cannot be pulled through Cloudflare:
        # it skips waiting for the TXT record to reach all authoritative
        # name servers.
        # disablePropagationCheck: true
        resolvers:
          - '1.1.1.1:53'
          - '1.0.0.1:53'
My config.yml:
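# Traefik dynamic configuration (loaded by the file provider as /config.yml).
http:
  middlewares:
    # Only clients inside this range are let through by this middleware.
    # NOTE(review): Traefik v3 names this middleware ipAllowList; check which
    # one the image tag in use expects.
    default-whitelist:
      ipWhiteList:
        sourceRange:
          - "192.168.xxx.0/26"
    https-redirectscheme:
      redirectScheme:
        scheme: https
        permanent: true
    # Fix: as pasted, "secured" came after the service entries, so Traefik
    # parsed it as a service and rejected it with
    # "field not found, node: chain". A chain is a middleware and has to sit
    # under http.middlewares.
    # NOTE(review): no router below references "secured", so the IP
    # restriction is not enforced on either host until it is added to a
    # router's middlewares list.
    secured:
      chain:
        middlewares:
          - default-whitelist
  #region routers
  routers:
    secure-webserver:
      entryPoints:
        - "https"
      rule: "Host(`www.domain.tld`)"
      middlewares:
        - https-redirectscheme
      tls: {}
      service: secure-webserver
    homeassistant:
      entryPoints:
        - "https"
      rule: "Host(`epad.domain.tld`)"
      middlewares:
        - https-redirectscheme
      tls: {}
      service: homeassistant
  #endregion
  #region services
  services:
    secure-webserver:
      loadBalancer:
        servers:
          # NOTE(review): an https:// URL on port 80 is unusual; confirm the
          # backend's scheme and port. With insecureSkipVerify enabled in
          # traefik.yml, this backend's certificate is not verified.
          - url: "https://192.168.xxx.xxx:80"
        passHostHeader: true
    homeassistant:
      loadBalancer:
        servers:
          - url: "http://192.168.xxx.xxx:8123"
        passHostHeader: true
  #endregion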
My stack details:
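# Compose stack that runs Traefik with the two configuration files above.
version: '3'
services:
  traefik:
    # NOTE(review): ":latest" moves across major releases without notice.
    # Pin a specific tag (or digest) so configuration keys do not change
    # meaning underneath you.
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - docker-net
    ports:
      # Quoted so that no YAML parser re-types the host:container pairs.
      - "1180:80"
      - "11443:443"
      # NOTE(review): traefik.yml declares no entry point on 8080 and does
      # not set api.insecure, so this mapping looks unused. Drop it rather
      # than enabling the unauthenticated API.
      - "8080:8080"
    environment:
      # NOTE(review): this address differs from the ACME email in traefik.yml
      # (toro@ vs toto@) — confirm. It appears to be needed only with
      # CF_API_KEY, not with a scoped token.
      - CF_API_EMAIL=toro@toto.com
      # NOTE(review): the token sits in plain text in the stack definition.
      # Prefer a file-based secret (CF_DNS_API_TOKEN_FILE) and scope the
      # token to DNS edits on the one zone.
      - CF_DNS_API_TOKEN=nexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx6zB-
      # - CF_API_KEY=YOUR_API_KEY
      # be sure to use the correct one depending on if you are using a token or key
    volumes:
      - /etc/localtime:/etc/localtime:ro
      # NOTE(review): ":ro" only protects the socket file; the container can
      # still issue any Docker API call through it. A socket proxy that
      # exposes read-only endpoints limits this.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /mnt/user/appdata/docker/traefik/conf/traefik.yml:/traefik.yml:ro
      # Holds ACME private keys; keep the host file at mode 600.
      - /mnt/user/appdata/docker/traefik/conf/acme.json:/acme.json
      - /mnt/user/appdata/docker/traefik/conf/config.yml:/config.yml:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik.domain.tld`)"
      # Any "$" in the password hash must be written "$$" inside a Compose
      # file.
      - "traefik.http.middlewares.traefik-auth.basicauth.users=thename:xxxxxxxxx"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.domain.tld`)"
      # NOTE(review): only traefik-auth is attached to the dashboard router.
      # The "security-headers" and "sslheader" middlewares are defined here
      # but no router in this stack references them.
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=domain.tld"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.domain.tld"
      - "traefik.http.routers.traefik-secure.service=api@internal"
      # NOTE(review): sslredirect and featurepolicy are deprecated header
      # options in Traefik v2 and are, as far as I know, gone in v3; with an
      # unpinned image they may start failing.
      - "traefik.http.middlewares.security-headers.headers.accesscontrolallowmethods=GET, OPTIONS, PUT"
      - "traefik.http.middlewares.security-headers.headers.accesscontrolmaxage=100"
      - "traefik.http.middlewares.security-headers.headers.addvaryheader=true"
      - "traefik.http.middlewares.security-headers.headers.hostsproxyheaders=X-Forwarded-Host"
      - "traefik.http.middlewares.security-headers.headers.sslredirect=true"
      - "traefik.http.middlewares.security-headers.headers.sslproxyheaders.X-Forwarded-Proto=https"
      - "traefik.http.middlewares.security-headers.headers.stsseconds=63072000"
      - "traefik.http.middlewares.security-headers.headers.stsincludesubdomains=true"
      - "traefik.http.middlewares.security-headers.headers.stspreload=true"
      - "traefik.http.middlewares.security-headers.headers.forcestsheader=true"
      - "traefik.http.middlewares.security-headers.headers.framedeny=true"
      - "traefik.http.middlewares.security-headers.headers.contenttypenosniff=true"
      - "traefik.http.middlewares.security-headers.headers.browserxssfilter=true"
      - "traefik.http.middlewares.security-headers.headers.referrerpolicy=same-origin"
      - "traefik.http.middlewares.security-headers.headers.featurepolicy=camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';"
      - "traefik.http.middlewares.security-headers.headers.customresponseheaders.X-Robots-Tag=none,noarchive,nosnippet,notranslate,noimageindex"
networks:
  # Fix: the service joined "docker-net" while this key was "docker_net";
  # Compose rejects a service that references an undeclared network.
  # Both now read "docker-net" — confirm with `docker network ls` and use
  # whichever name actually exists.
  docker-net:
    external: true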