Hello,
I'm trying to set up portainer behind traefik. Quite new on traefik so pls forgive my inexperience
Here my configuration files:
docker-compose.yaml
services:
traefik:
image: traefik:v3.3.2
container_name: traefik
ports:
- "80:80"
- "443:443"
- "8080:8080"
environment:
- CF_API_EMAIL=mymail
- CF_DNS_API_TOKEN=mytoken
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config/traefik.yaml:/etc/traefik/traefik.yaml:ro
- ./config/config.yaml:/etc/traefik/config.yaml:ro
- ./data/certs/:/var/traefik/certs/:rw
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=web"
- "traefik.http.routers.traefik.rule=Host(`traefik.mydomain.com`)"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=websecure"
- "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=websecure"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=websecure"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.mydomain.com`)"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
- "traefik.http.routers.traefik-secure.tls.domains[0].main=mydomain.com"
- "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.mydomain.com"
- "traefik.http.routers.traefik-secure.service=api@internal"
networks:
- Esterna
restart: unless-stopped
networks:
Esterna:
external: true
traefik.yaml
global:
checkNewVersion: false
sendAnonymousUsage: false
api:
dashboard: true
insecure: true
entryPoints:
web:
address: :80
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: :443
certificatesResolvers:
cloudflare:
acme:
email: "mymail"
storage: /var/traefik/certs/cloudflare-acme.json
caServer: "https://acme-v02.api.letsencrypt.org/directory"
#caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
keyType: EC256
#-- (Optional) Configure DNS Challenge
dnsChallenge:
provider: cloudflare
resolvers:
- "1.1.1.1:53"
- "8.8.8.8:53"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
directory: /etc/traefik
watch: true
log:
level: "INFO"
and here the dynamic configuration file config.yaml
http:
middlewares:
https-redirectscheme:
redirectScheme:
scheme: https
permanent: true
routers:
portainer:
entrypoints:
- "websecure"
rule: "Host('portainer1.mydomain.com')"
middlewares:
- https-redirectscheme
tls: {}
service: portainer
services:
portainer:
loadBalancer:
servers:
- url: "http://192.168.2.39:9443"
passHostHeader: true
I got this error in the traefik log:
2025-02-04T11:15:21Z ERR error="error while parsing rule Host('portainer1.mydomain.com'): 1:6: illegal rune literal" entryPointName=websecure routerName=portainer@file
2025-02-04T11:15:21Z ERR error="invalid rule Host('portainer1.villafrel.it'), error: error while parsing rule Host('portainer1.mydomain.com'): 1:6: illegal rune literal" entryPointName=websecure routerName=portainer@file
2025-02-04T11:15:21Z ERR error="error while parsing rule Host('portainer1.mydomain.com'): 1:6: illegal rune literal" entryPointName=websecure routerName=portainer@file
2025-02-04T11:15:21Z ERR error="invalid rule Host('portainer1.mydomain.com'), error: error while parsing rule Host('portainer1.mydomain.com'): 1:6: illegal rune literal" entryPointName=websecure routerName=portainer@file
DNS is ok (I can ping the Host).
IP address is ok (I can reach portainer directly)
thank you