Path-Based routing + Docker Compose not working

Desired Outcome:

• Backend needs "/"
• Frontend will be https://bob.home.local/traefik/dashboard/ , and so on.

Issue:

Path based routing will not work no matter how I try. I've striped down my docker-compose to just traefik and the dashboard, and I cannot figure it out.

curl:

curl -Ik https://bob.home.local/traefik/
HTTP/2 301
content-type: text/html; charset=utf-8
location: /traefik
date: Sun, 14 Jul 2019 19:50:30 GMT

curl -Ik https://bob.home.local/traefik
HTTP/2 404
content-type: text/plain; charset=utf-8
date: Sun, 14 Jul 2019 19:51:24 GMT
x-content-type-options: nosniff
content-length: 19

Docker-compose

version: "3.5"

services:
### Traefik for reverse proxy to containers.
  traefik:
    container_name: traefik
    image: arm64v8/traefik:alpine
    dns_search: 
      - home.local
      - bob.home.local
    environment:
      - TZ=America/Los_Angeles
      - PUID=1024
      - PGID=100
    ports:
      - protocol: tcp
        published: 80
        target: 80
      - protocol: tcp
        published: 443
        target: 443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - traefik-config:/etc/traefik:nocopy,ro
    labels:
      - traefik.enable=true
      - traefik.port=8080
      - traefik.frontend.rule=PathStrip:/traefik; Path:/traefik

volumes:
### NFS details for Traefik
  traefik-config:
    driver: local
    driver_opts:
      type: nfs
      o: addr=nas,vers=4,sec=sys
      device: :/volume1/bob/traefik

traefik

debug = false
logLevel = "DEBUG"

defaultEntryPoints = ["http","https"]
  [entryPoints]
    [entryPoints.http]
      address = ":80"
        [entryPoints.http.redirect]
          entryPoint = "https"

    [entryPoints.https]
      address = ":443"
        [entryPoints.https.tls]
          optional = true

[retry]

# Docker Container Dynamic Mapping
[docker]
  endpoint = "unix:///var/run/docker.sock"
  domain = "home.local"
  watch = true
  exposedbydefault = false

# Healh Check
[ping]
  entryPoint = "traefik"

# Dashboard
[api]
  entryPoint = "traefik"
  dashboard = true

Hi,

instead of your label

• traefik.frontend.rule=PathStrip:/traefik; Path:/traefik

try this one:

• traefik.frontend.rule=Host:home.local;PathPrefixStrip:/traefik;PathPrefix:/traefik

works for me...

Thank you for the fast reply, but sadly that did not work:

curl -vIk https://bob.home.local/traefik
*   Trying 192.168.1.153...
* TCP_NODELAY set
* Connected to bob.home.local (192.168.1.153) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=TRAEFIK DEFAULT CERT
*  start date: Jul 14 21:01:20 2019 GMT
*  expire date: Jul 13 21:01:20 2020 GMT
*  issuer: CN=TRAEFIK DEFAULT CERT
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7f89b0000400)
> HEAD /traefik HTTP/2
> Host: bob.home.local
> User-Agent: curl/7.54.0
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 404
HTTP/2 404
< content-type: text/plain; charset=utf-8
content-type: text/plain; charset=utf-8
< x-content-type-options: nosniff
x-content-type-options: nosniff
< content-length: 19
content-length: 19
< date: Sun, 14 Jul 2019 21:04:01 GMT
date: Sun, 14 Jul 2019 21:04:01 GMT

<
* Connection #0 to host bob.home.local left intact

In fact, It does not even get matched in traefik:

time="2019-07-14T14:03:49-07:00" level=debug msg="Serving default cert for request: \"bob.home.local\""

and nothing more. Again, thank you.

ah, your host is bob.home.local so the rule should be

traefik.frontend.rule=Host:bob.home.local;PathPrefixStrip:/traefik;PathPrefix:/traefik

The rule can be simplified to:

      - "traefik.frontend.rule=PathPrefixStrip:/traefik"

As described in https://docs.traefik.io/v1.7/basics/#matchers:

• You can see any Path*Strip, which first matches the request, as its corresponding Path* counterpart, but second, rewrite the request to strip the prefix.
• Path only matches an exact path, not its subsequent-paths. So you have to use PathPrefix instead (or PathPrefixStrip in your case, to match all the sub-requests.

Last issue: the dashboard does not answer to HTTP's HEAD request (which is the kind of request emitted by curl with the option -I as per https://curl.haxx.se/docs/httpscripting.html#HEAD ). Try a full request as curl -v localhost/traefik.

Here is my complete and fully working example:

version: '3.7'

services:
  reverse-proxy:
    image: traefik:1.7.12
    command:
      - "--docker"
      - "--api"
    ports:
      - "80:80"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - "traefik.frontend.rule=PathPrefixStrip:/traefik"
      - "traefik.port=8080"