I am having some trouble configuring a non docker app to work in Traefik 2. I am using a wildcard certificate which seems to be working correctly but when I go to the URL in the browser, it returns the message "404 page not found".
I have the following TOML config in a rules folder:
[tcp.routers]
[tcp.routers.syn-rtr]
entryPoints = ["https"]
rule = "HostSNI(`synology.robshomelab.net`)"
service = "syn-svc"
[tcp.routers.syn-rtr.tls]
certresolver = "dns-cloudflare"
passthrough = true
[tcp.services]
[tcp.services.syn-svc]
[tcp.services.syn-svc.loadBalancer]
[[tcp.services.syn-svc.loadBalancer.servers]]
address = "192.168.X.XXX:XXXX" # or whatever your external host's IP:port is
My Traefik set-up in my docker compose file is:
# Traefik
traefik:
image: traefik:2.2.1
container_name: traefik-dashboard
volumes:
- ${DOCKERCONFDIR}/traefik/rules:/rules
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${DOCKERCONFDIR}/traefik/acme/acme.json:/acme.json
- ${DOCKERCONFDIR}/traefik/traefik.log:/traefik.log
- ${DOCKERCONFDIR}/traefik/shared:/shared
ports:
- target: 80
published: 8880
protocol: tcp
mode: host
- target: 443
published: 4443
protocol: tcp
mode: host
- target: 8080
published: 8080
protocol: tcp
mode: host
networks:
- t2_proxy
security_opt:
- no-new-privileges:true
environment:
- CF_API_EMAIL=${CLOUDFLARE_EMAIL}
- CF_API_KEY=${CLOUDFLARE_API_KEY}
command:
- --global.checkNewVersion=true
- --global.sendAnonymousUsage=true
- --entryPoints.http.address=:80
- --entryPoints.https.address=:443
# Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs: https://www.cloudflare.com/ips/
#- --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
- --entryPoints.traefik.address=:8080
- --api=true
# - --api.insecure=true
# - --serversTransport.insecureSkipVerify=true
- --log=true
- --log.level=DEBUG # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
- --accessLog=true
- --accessLog.filePath=/traefik.log
- --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
- --accessLog.filters.statusCodes=400-499
- --providers.docker=true
- --providers.docker.endpoint=unix:///var/run/docker.sock
- --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.${DOMAINNAME}`)
- --providers.docker.exposedByDefault=false
- --providers.docker.network=t2_proxy
- --providers.docker.swarmMode=false
- --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory.
# - --providers.file.filename=/path/to/file # Load dynamic configuration from a file.
- --providers.file.watch=true # Only works on top level files in the rules folder
# - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
- --certificatesResolvers.dns-cloudflare.acme.email=${CLOUDFLARE_EMAIL}
- --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
labels:
- "traefik.enable=true"
# HTTP-to-HTTPS Redirect
- "traefik.http.routers.http-catchall.entrypoints=http"
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{any:.+}`)"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# HTTP Routerss
- "traefik.http.routers.traefik-rtr.entrypoints=https"
- "traefik.http.routers.traefik-rtr.rule=Host(`traefik.${DOMAINNAME}`)"
- "traefik.http.routers.traefik-rtr.tls=true"
- "traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare" # Comment out this line after first run of traefik to force the use of wildcard certs
- "traefik.http.routers.traefik-rtr.tls.domains[0].main=${DOMAINNAME}"
- "traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.${DOMAINNAME}"
## Services - API
- "traefik.http.routers.traefik-rtr.service=api@internal"
## Middlewares
# - "traefik.http.routers.traefik-rtr.middlewares=chain-no-auth@file"
- "traefik.http.routers.traefik-rtr.middlewares=chain-oauth@file"
restart: unless-stopped
Is there anything I'm doing wrong here for non docker apps?
Rob