Hello,
i am new on traefik. I have used traefik to bring up many docker containers. This setup works very good. Then i have found a howto to bring up a local service. Wonderful i thing. So i will bring up the local openmediavault gui and cockpit web gui to a subdomain. My setup:
Traefik in a docker container on Debian Buster
My docker-compose.yml:
version: '3'
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme.json:/acme.json
- ./data/config.yml:/config.yml:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`traefik.domain.tld`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=user:password
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.domain.tld`)"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=http"
- "traefik.http.routers.traefik-secure.service=api@internal"
networks:
proxy:
external: true
My data/traefik.yml:
api:
dashboard: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
filename: config.yml
certificatesResolvers:
http:
acme:
email: my@mail.tld
storage: acme.json
httpChallenge:
entryPoint: http
My data/config.yml
http:
routers:
omv:
entryPoints:
- "https"
- "http"
rule: "Host(`omv.domain.tld`)"
middlewares:
- default-headers
tls:
certResolver: http
service: omv
cockpit:
entryPoints:
- "https"
rule: "Host(`cockpit.domain.tld`)"
middlewares:
- default-headers
tls:
certResolver: http
service: cockpit
services:
omv:
loadBalancer:
servers:
- url: "http://192.168.178.191:2485"
passHostHeader: true
cockpit:
loadBalancer:
servers:
- url: "http://192.168.178.191:9090"
passHostHeader: true
middlewares:
https-redirect:
redirectScheme:
scheme: https
default-headers:
headers:
frameDeny: true
sslRedirect: true
browserXssFilter: true
contentTypeNosniff: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
default-whitelist:
ipWhiteList:
sourceRange:
# - "10.0.0.0/24"
- "192.168.178.0/16"
- "172.20.0.0/16"
secured:
chain:
middlewares:
- default-whitelist
- default-headers
The domains and user credentials have i erased.
cockpit service has a config file in /etc/cockpit/cockpit.conf
[WebService]
Origins = https://host-cockpit.mydomain.com wss://host-cockpit.mydomain.com
ProtocolHeader = X-Forwarded-Proto
AllowUnencrypted=true
The howto is here to found
My problems:
- The containers work only with https. When i use omv.domain.tld there is no redirect to https. I becom a "404 page not found". With https works omv very good. How can i setup the https redirect?? I thing in default-headers is a redirect. "http" in entrypoint is not the solution, no effect.
- The same on cockpit. But when i use https://cockpit... i become the login page. After login have i a blank, white page. Where is my error???
I am a beginner on traffic and v2 is very new so google can't help me. I hope to find a solution
Many thanks
igonixio