Not loading all of my static configuration

Traefik Traefik v3 (latest)
,
1

I'm just getting started with Traefik so keeping it simple.

docker-compose.yaml:

version: '3'

services:
  reverse-proxy:
    # The official v3 Traefik docker image
    image: traefik:v3.3
    # Enables the web UI and tells Traefik to listen to docker
    ports:
      # The HTTP port
      - "8000:80"
      # The Web UI (enabled by --api.insecure=true)
      # - "8080:8080"
      # https port
      - "8443:443"
    volumes:
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./acme.json:/letsencrypt/acme.json:rw
      - ./traefik.yaml:/etc/traefik/traefik.yaml
      - ./htpasswd:/etc/traefik/htpasswd

  whoami:
    # A container that exposes an API to show its IP address
    image: traefik/whoami
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.entrypoints=web"
      - "traefik.http.routers.whoami.rule=PathPrefix(`/whoami/`)"
#      - "traefik.http.middlewares.basic-auth.basicAuth.usersFile=/etc/traefik/htpasswd"
      - "traefik.http.routers.whoami.middlewares=basic-auth@file"

traefik.yaml:

api:
  dashboard: false

log:
  level: DEBUG

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedbydefault: false

entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

# generate user w/ password: echo $(htpasswd -nB user)

http:
  middlewares:
    basic-auth:
      basicAuth:
        usersFile: "/etc/traefik/htpasswd"

When I start up, I see that only the first part of my static config is loaded (nothing from the http.middlewares section) (ran through jq for easier reading):

Static configuration loaded [json] staticConfiguration=
{
  "api": {
    "basePath": "/"
  },
  "entryPoints": {
    "web": {
      "address": ":80",
      "forwardedHeaders": {},
      "http": {
        "maxHeaderBytes": 1048576
      },
      "http2": {
        "maxConcurrentStreams": 250
      },
      "observability": {
        "accessLogs": true,
        "metrics": true,
        "tracing": true
      },
      "transport": {
        "lifeCycle": {
          "graceTimeOut": "10s"
        },
        "respondingTimeouts": {
          "idleTimeout": "3m0s",
          "readTimeout": "1m0s"
        }
      },
      "udp": {
        "timeout": "3s"
      }
    },
    "websecure": {
      "address": ":443",
      "forwardedHeaders": {},
      "http": {
        "maxHeaderBytes": 1048576
      },
      "http2": {
        "maxConcurrentStreams": 250
      },
      "observability": {
        "accessLogs": true,
        "metrics": true,
        "tracing": true
      },
      "transport": {
        "lifeCycle": {
          "graceTimeOut": "10s"
        },
        "respondingTimeouts": {
          "idleTimeout": "3m0s",
          "readTimeout": "1m0s"
        }
      },
      "udp": {
        "timeout": "3s"
      }
    }
  },
  "global": {
    "checkNewVersion": true
  },
  "log": {
    "format": "common",
    "level": "DEBUG"
  },
  "providers": {
    "docker": {
      "defaultRule": "Host({{ normalize .Name }})",
      "endpoint": "unix:///var/run/docker.sock",
      "watch": true
    },
    "providersThrottleDuration": "2s"
  },
  "serversTransport": {
    "maxIdleConnsPerHost": 200
  },
  "tcpServersTransport": {
    "dialKeepAlive": "15s",
    "dialTimeout": "30s"
  }
}
reverse-proxy_1  | 2025-01-20T18:44:06Z INF github.com/traefik/traefik/v3/cmd/traefik/traefik.go:633 >

Which then results in the following expected error:

reverse-proxy_1  | 2025-01-20T18:44:06Z ERR github.com/traefik/traefik/v3/pkg/server/router/router.go:136 > error="middleware \"basic-auth@file\" does not exist" entryPointName=web routerName=whoami@docker

I've tried a number of things and nothing I seem to put in the http block ends up being loaded by the final config. I've also tried configuring the dashboard on the two endpoints and that doesn't work either.

2

http is Traefik dynamic config. Place it in a separate config file and load it in static config via providers.file(doc).

Or add it as labels, read by providers.docker, see simple Traefik example.

3

Yeah, I know how to do the docker labels thing... but that doesn't work well for everything (api@internal being the obvious one) and it's not very DRY for global config like my example.

Thanks for explaining the dynamic config thing has to go into it's own file... that was so very not obvious in the docs.

4

Not sure if I understand correctly, labels work very well with api@internal (example).

And in the next (minor?) Traefik release we hopefully get .loadbalancer.server.url= in labels (related post).

5

i dunno man, i tried assigning the label to the traefik container and it never worked and gave up. ended up having to add it to another container which worked. Figured it was some chicken/egg thing.

6

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.