Sorry for dragging this old chestnut up again.
I'm using nomad. Here's my configuration:
"Tags": [
"traefik.enable=true",
"traefik.http.routers.mysite-master-website-dubdubdub.rule=Host(`www.mysite.com`)",
"traefik.http.routers.mysite-master-website-dubdubdub.middlewares=redirect-naked",
"traefik.http.routers.mysite-master-website-http.entrypoints=web",
"traefik.http.routers.mysite-master-website-http.rule=Host(`mysite.com`)",
"traefik.http.routers.mysite-master-website-http.middlewares=redirect-web-secure",
"traefik.http.routers.mysite-master-website-https.entrypoints=websecure",
"traefik.http.routers.mysite-master-website-https.rule=Host(`mysite.com`)",
"traefik.http.routers.mysite-master-website-https.tls.certresolver=buypass",
"traefik.http.middlewares.redirect-naked.redirectregex.regex=^https?://(?:www\\.)?(.+)",
"traefik.http.middlewares.redirect-naked.redirectregex.replacement=https://${1}",
"traefik.http.middlewares.redirect-naked.redirectregex.permanent=true",
"traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https",
"traefik.http.middlewares.redirect-web-secure.redirectscheme.permanent=true",
"traefik.http.services.mysite-master-website.loadbalancer.healthcheck.path=/"
],
$ curl -I http://www.mysite.com/index.html
HTTP/1.1 308 Permanent Redirect
Location: https://mysite.com/index.html
Great!
$ curl -I https://www.mysite.com/index.html
HTTP/2 404
Oh...
I can't tell if there's something wrong with the regex (which I've tested on regex101) or something to do with the parallel redirectscheme rule.
Simplify config, place http-to-https redirect globally on entrypoint. Check simple Traefik example . Then use a single router:
whoami:
image: traefik/whoami:v1.10
networks:
- proxy
labels:
- traefik.enable=true
- traefik.http.routers.mywhoami.rule=Host(`whoami.example.com`) || Host(`www.whoami.example.com`)
- traefik.http.services.mywhoami.loadbalancer.server.port=80
# next lines are optional to redirect www to non-www
- traefik.http.middlewares.mywwwredirect.redirectregex.regex=^https://www\.(.*)
- traefik.http.middlewares.mywwwredirect.redirectregex.replacement=https://$${1}
- traefik.http.routers.mywhoami.middlewares=mywwwredirect
1 Like
Thanks. We have multiple services using the same Traefik instances and I'm not sure we want to always redirect http to https for all of these, so if you have any less global suggestions that would be great...
Is there a way of logging the router routings?
Something like this should work:
labels:
- traefik.http.middlewares.mytlsredirect.redirectscheme.scheme=https
- traefik.http.middlewares.mytlsredirect.redirectscheme.permanent=true
- traefik.http.middlewares.mywwwredirect.redirectregex.regex=^https://www\.(.*)
- traefik.http.middlewares.mywwwredirect.redirectregex.replacement=https://${1}
- traefik.http.routers.mywhoami.middlewares=mytlsredirect,mywwwredirect
For logging, you can enable Traefik debug log and/or Traefik access log in JSON format. Both should contain router info.
1 Like
Worked it out! The problem was my websecure router didn't have a tls.certresolver configuration. When I added that, it started matching requests to https://www.mysite.com to the appropriate router.
system
April 17, 2025, 3:00pm
6
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.