Hi,
Currently I've found Traefik solves a bunch of problems and is a great help in my projects.
Nowdays I have a project with FastAPI (Python) which handle everything to generate an OpenAPI site to review and test the endpoints of the API.
I'd like to know why since I've deployed the site using Traefik, the authentication for the OpenAPI is returning " auth error TypeError: NetworkError when attempting to fetch resource." inside of the login, since I've applied the configuration to start the endpoints through Traefik this is what I've noticed.
The authentication in my application outside the OpenAPI site seems to work fine as the endpoint I use to authenticate works from the outside (testing with the my web and mobile application and Postman).
This is my docker-compose configuration for Traefik
services:
traefik:
image: traefik:v2.3
ports:
- 80:80
- 443:443
restart: always
labels:
- traefik.enable=true
- traefik.http.services.traefik-dashboard.loadbalancer.server.port=8080
- traefik.http.routers.traefik-dashboard-http.entrypoints=http
- traefik.http.routers.traefik-dashboard-http.rule=Host(`myserver.com`)
- traefik.docker.network=traefik-public
- traefik.http.routers.traefik-dashboard-https.entrypoints=https
- traefik.http.routers.traefik-dashboard-https.rule=Host(`myserver.com`)
- traefik.http.routers.traefik-dashboard-https.tls=true
- traefik.http.routers.traefik-dashboard-https.tls.certresolver=le
- traefik.http.routers.traefik-dashboard-https.service=api@internal
- traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
- traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
- traefik.http.routers.traefik-dashboard-http.middlewares=https-redirect
- traefik.http.middlewares.admin-auth.basicauth.users=${USERNAME?Variable not set}:${HASHED_PASSWORD? Variable not set}
- traefik.http.routers.traefik-dashboard-https.middlewares=admin-auth
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-public-certificates:/certificates
command:
- --providers.docker
- --providers.docker.exposedbydefault=true
- --entrypoints.http.address=:80
- --entrypoints.https.address=:443
- --certificatesresolvers.le.acme.email=my@email.com
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
- --certificatesresolvers.le.acme.tlschallenge=true
- --accesslog
- --log
- --api
networks:
- traefik-public
volumes:
traefik-public-certificates:
networks:
traefik-public:
external: true
and this is my api docker-compose configuration for the FastAPI server
version: '3.8'
services:
api:
build: ./
image: fastapi-base:latest
volumes:
- type: bind
source: .
target: /app/
restart: always
labels:
- traefik.enable=true
- traefik.http.services.app.loadbalancer.server.port=80
- traefik.http.routers.app-http.entrypoints=http
- traefik.http.routers.app-http.rule=Host(`myserver.com`)
- traefik.docker.network=traefik-public
- traefik.http.routers.app-https.entrypoints=https
- traefik.http.routers.app-https.rule=Host('myserver.com')
- traefik.http.routers.app-https.tls=true
- traefik.http.routers.app-https.tls.certresolver=le
- traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
- traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
- traefik.http.routers.app-http.middlewares=https-redirect
- traefik.http.routers.app-https.middlewares=admin-auth
networks:
- traefik-public
networks:
traefik-public:
external: true
Special thanks to @tiangolo to help us understand better Traefik by sharing your knowledge in Youtube.
Best regards,
Claudio.