Overseer issue with Traefik

modem7 · February 19, 2021, 5:01pm

Hi guys,

I'm trying to publish Overseer via Traefik.

Mostly, it works, except for when there's a space in a search. When there's a space, it seems to reload the url constantly.

If I try it locally, the issue doesn't occur which leads me to believe the problem is in my Traefik configuration somewhere.

This is a screengrab of the issue at play:
https://user-images.githubusercontent.com/4349962/108533858-61d4cf00-72d1-11eb-905a-6a74dc51081c.mp4 (also available here: Interesting interaction with Traefik · Discussion #976 · sct/overseerr · GitHub)

Docker traefik setup:

 #Traefik 2 - Reverse Proxy
  traefik:
    container_name: Traefik
    hostname: Traefik
    image: traefik:picodon # the chevrotin tag refers to v2.3.x
    environment:
      - CF_API_EMAIL=$CLOUDFLARE_EMAIL
      - CF_API_KEY=$CLOUDFLARE_API_KEY
      #- PUID=$PUID
      #- PGID=$PGID
    command: # CLI arguments
      - --global.checkNewVersion=false
      - --global.sendAnonymousUsage=false
      - --entryPoints.http.address=:80
      - --entryPoints.https.address=:443
      - --entryPoints.traefik.address=:8080
      - --entryPoints.ping.address=:8081
      # - --entryPoints.openvpn.address=:1194/udp
        # Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs: https://www.cloudflare.com/ips/
      - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
      - --pilot.token=$PILOTTOKEN
      - --api=true
      - --api.dashboard=true
      - --ping=true
#      - --api.insecure=true
      - --serversTransport.insecureSkipVerify=true
      - --log=true
      - --log.level=WARN # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
      # - --log.level=DEBUG
      - --accessLog=true
      - --accessLog.filePath=/traefik.log
      - --accessLog.bufferingSize=100 #Configuring a buffer of 100 lines
      - --accessLog.filters.statusCodes=400-499
      - --providers.docker=true
      - --providers.docker.endpoint=unix:///var/run/docker.sock
      - --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAINNAME`)
      - --providers.docker.exposedByDefault=false
      # - --entrypoints.https.http.middlewares=chain-authelia@file
      # Add dns-cloudflare as default certresolver for all services. Also enables TLS and no need to specify on individual services.
      - --entrypoints.https.http.tls.options=tls-opts@file
      - --entrypoints.https.http.tls.certresolver=dns-cloudflare
      - --entrypoints.https.http.tls.domains[0].main=$DOMAINNAME
      - --entrypoints.https.http.tls.domains[0].sans=*.$DOMAINNAME
      - --providers.docker.network=hda_pihole
      - --providers.docker.swarmMode=false
      - --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory.
#     - --providers.file.filename=/path/to/file' # Load dynamic configuration from a file.
      - --providers.file.watch=true # Only works on top level files in the rules folder
#      - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
      - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
      - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.delayBeforeCheck=90 # To delay DNS check and reduce LE hitrate
    networks:
      pihole:
        ipv4_address: '172.22.0.114'
    ports:
      - 81:80
      - 444:443
      - 8082:8080 # Dashboard
      - 8083:8081 # Ping
      # - 1194:1194/udp # For OpenVPN
    labels:
      - autoheal=true
      - traefik.enable=true
      # HTTP-to-HTTPS Redirect
      - traefik.http.routers.http-catchall.entrypoints=http
      - traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)
      - traefik.http.routers.http-catchall.middlewares=redirect-to-https
      - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
      # HTTP Routers
      - traefik.http.routers.traefik-rtr.entrypoints=https
      - traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME`)
      ## Services - API
      - traefik.http.routers.traefik-rtr.service=api@internal
      ## Healthcheck/ping
      - "traefik.http.routers.ping.rule=Host(`traefik.$DOMAINNAME`) && Path(`/ping`)"
      # - "traefik.http.routers.ping.tls=true"
      - "traefik.http.routers.ping.service=ping@internal"
      ## Middlewares
      # - traefik.http.routers.traefik-rtr.middlewares=chain-oauth@file
      - "traefik.http.routers.traefik-rtr.middlewares=chain-authelia@file" # Authelia
      # - traefik.http.routers.traefik-rtr.middlewares=chain-no-auth@file
    security_opt:
      - no-new-privileges:true
    depends_on: 
      - pihole
    # depends_on:
    #   pihole:
    #     condition: service_healthy
    healthcheck:
      test: ["CMD", "traefik", "healthcheck", "--ping"]
      interval: 5s
      retries: 3
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - $USERDIR/Traefik/rules:/rules 
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - $USERDIR/Traefik/acme/acme.json:/acme.json 
      - $USERDIR/Traefik/traefik.log:/traefik.log 
      - $USERDIR/Shared:/shared
    restart: unless-stopped
    mem_limit: 250m
    mem_reservation: 100m

App setup:

 #Overseer - Plex Request and user management system
  overseer:
    image: sctx/overseerr
    # image: sctx/overseerr:develop
    container_name: Overseer
    hostname: Overseer
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - LOG_LEVEL=info
      # - LOG_LEVEL=debug
    labels: 
      - autoheal=true
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.overseer-rtr.entrypoints=https"
      - "traefik.http.routers.overseer-rtr.rule=Host(`overseer.$DOMAINNAME`)"
      - "traefik.http.routers.overseer-rtr.tls=true"
      ## Middlewares
      - "traefik.http.routers.overseer-rtr.middlewares=chain-no-auth@file"
      ## HTTP Services
      - "traefik.http.routers.overseer-rtr.service=overseer-svc"
      - "traefik.http.services.overseer-svc.loadbalancer.server.port=5055"
    networks:
      pihole:
        ipv4_address: '172.22.0.117'
    ports:
      - "5055:5055"
    healthcheck:
      test: wget http://localhost:5055/api/v1/status -qO /dev/null || exit 1
      interval: 5s
      retries: 3
    volumes:
      - $USERDIR/Overseer:/app/config
    restart: always
    mem_limit: 500m
    mem_reservation: 200m

I've also tried to remove middlewares from the overseer config, but the issue still occurs. I'm not quite sure where to investigate next.

Topic		Replies	Views
Frequent Timeout Issues with Traefik Reverse Proxy Traefik v3 (latest) docker	0	405	January 20, 2025
Docker stack builds up but traefik and portainer are not responding from browser Traefik v1 docker-swarm	0	805	March 13, 2020
[SOLVED] Traefik's router uses a non-existent resolver Traefik v2 docker	2	16936	November 27, 2019
Traefik not connecting to Python apps on AWS Production using Docker Swarm Traefik v2 docker-swarm , middleware	5	486	September 6, 2023
Traefik 2.8.2 not happy with my yml file Traefik v2 docker , file	3	901	August 20, 2022

Overseer issue with Traefik

Related topics