Hi everyone!
I am posting this because I have doubts on how to implement this and since I am not a super network expert I would like to have some advice.
Yesterday I exposed a vaultwarden container and everything works fine, to be clear it something like vault.mydomain.com. I noticed though that the admin page is still visible to everyone (of course a token is needed to access it). To limit access to it I thought of redirecting /admin to something like vault.intern.mydomain.com. Is something like this even possible? If you need details on how I configured traefik of course just ask.
Thanks to anyone
You can create an additional router with rule Host() && PathPrefix(`/admin`), then use redirect middleware and noop@internal service.
@bluepuma77 Thanks for the reply:
I tried with something like this:
labels:
traefik.enable: true
traefik.docker.network: proxy
traefik.http.routers.vaultwarden.rule: Host(`pass.${DOMAIN}`) && PathPrefix(`/admin`)
traefik.http.routers.vaultwarden.entryPoints: https-external
traefik.http.routers.vaultwarden.middlewares: redirect-to-404@file
# Router for /admin path on pass.home.mydomain.com
traefik.http.routers.vaultwarden-admin.rule: Host(`pass.home.${DOMAIN}`) &&
PathPrefix(`/admin`)
traefik.http.routers.vaultwarden-admin.entryPoints: https
with middlewares as:
redirect-to-404:
errors:
status:
- "404"
service: noop@internal
So my mind process was like this:
If user reaches pass.mydomain.com and tries to access path /admin it receives a 404
If the user reaches pass.home.mydomain.com then he can access /admin (which is an internally reachable only subdomain)