typedef
October 14, 2020, 10:16pm
1
Hello community! I'm trying to configure a weird setup. Server hosts an Apache server that listens on 80 and 443 (random.domain). Traefik listens on 65000 (HTTP) and 65001 (HTTPS) for a different domain (subdomain.random.domain and some.random.domain). Traefik dashboard listens on localhost:65002.
The issue I have is that when I make a request for http://subdomain.random.domain:65000 or http://some.random.domain:65000 redirection to HTTPS indeed takes place, however I'm presented with the certificate that Apache serves for https://random.domain. I'm not sure why this happens but it looks like Traefik when redirecting to HTTPS routes traffic to localhost:443 instead of Traefik's entrypoint (443).
Would appreciate if anyone could point me to the right direction.
This is my configuration:
traefik.toml

```toml
[entryPoints]
  [entryPoints.dashboard]
    address = ":9090"
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http]
      [entryPoints.web.http.redirections]
        [entryPoints.web.http.redirections.entryPoint]
          to = "websecure"
          scheme = "https"
  [entryPoints.websecure]
    address = ":443"

[api]
  dashboard = true

[providers]
  [providers.file]
    directory = "/dynconf"
    watch = true
  [providers.docker]
    endpoint = "unix:///var/run/docker.sock"
    network = "traefik_network"
    exposedByDefault = false
```
docker-compose.yml

```yaml
version: '3.7'

services:
  # traefik service
  traefik:
    image: "traefik:v2.2"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.to-dashboard.rule=Host(`dashboard.local`)"
      - "traefik.http.routers.to-dashboard.entrypoints=dashboard"
      - "traefik.http.routers.to-dashboard.middlewares=auth"
      - "traefik.http.routers.to-dashboard.service=api@internal"
      - "traefik.http.middlewares.auth.basicauth.users=admin:<PASSWORD>"
    container_name: "traefik"
    ports:
      - "65000:80"
      - "65001:443"
      - "127.0.0.1:65002:9090"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/home/traefik/traefik.toml:/traefik.toml:ro"
      - "/home/traefik/letsencrypt/acme.json:/acme.json"
      - "/home/traefik/dynconf/dyn.toml:/dynconf/dyn.toml"
      - "/home/traefik/certs/:/certs/"

  httpecho:
    image: "hashicorp/http-echo"
    container_name: "httpecho"
    command: "-text='hello world!'"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.to-httpecho.rule=Host(`subdomain.random.domain`)"
      - "traefik.http.routers.to-httpecho.entrypoints=web"
      - "traefik.http.routers.to-httpecho.middlewares=https_redirect"
      - "traefik.http.routers.to-httpecho-secure.rule=Host(`subdomain.random.domain`)"
      - "traefik.http.routers.to-httpecho-secure.entrypoints=websecure"
      - "traefik.http.routers.to-httpecho-secure.tls=true"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"

  whoami:
    image: "traefik/whoami"
    container_name: "whoami"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.to-whoami.rule=Host(`some.random.domain`)"
      - "traefik.http.routers.to-whoami.entrypoints=web"
      - "traefik.http.routers.to-whoami.middlewares=https_redirect"
      - "traefik.http.routers.to-whoami-secure.rule=Host(`some.random.domain`)"
      - "traefik.http.routers.to-whoami-secure.entrypoints=websecure"
      - "traefik.http.routers.to-whoami-secure.tls=true"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"

networks:
  default:
    external:
      name: "traefik_network"
```
ldez
October 15, 2020, 12:02am
2
Hello,
Traefik creates the redirection based on the entry points, your entry points are on 80, 443, and 9090.
Traefik is not aware of your port mappings.
You have to change the entry points ports to 65000 and 65001 and change your port mappings.
You can also simplify your configuration:
```yaml
version: '3.7'

services:
  traefik:
    image: traefik:v2.3.1
    container_name: traefik
    ports:
      - 65000:65000
      - 65001:65001
      - 127.0.0.1:65002:65002
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /home/traefik/letsencrypt/acme.json:/acme.json
      - /home/traefik/dynconf/dyn.toml:/dynconf/dyn.toml
      - /home/traefik/certs/:/certs/
    command:
      - --api
      - --entrypoints.dashboard.address=:65002
      - --entrypoints.web.address=:65000
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      - --entrypoints.web.http.redirections.entrypoint.permanent=true
      - --entrypoints.websecure.address=:65001
      - --entrypoints.websecure.http.tls=true
      - --providers.docker.exposedByDefault=false
      - --providers.docker.network=traefik_network
      - --providers.file.directory=/dynconf
      - --providers.file.watch=true
    labels:
      traefik.enable: 'true'
      traefik.http.routers.to-dashboard.rule: Host(`dashboard.local`)
      traefik.http.routers.to-dashboard.entrypoints: dashboard
      traefik.http.routers.to-dashboard.middlewares: auth
      traefik.http.routers.to-dashboard.service: api@internal
      traefik.http.middlewares.auth.basicauth.users: admin:<PASSWORD>

  httpecho:
    image: hashicorp/http-echo
    container_name: httpecho
    command: "-text='hello world!'"
    labels:
      traefik.enable: 'true'
      traefik.http.routers.to-httpecho-secure.rule: Host(`subdomain.random.domain`)
      traefik.http.routers.to-httpecho-secure.entrypoints: web,websecure

  whoami:
    image: traefik/whoami
    container_name: whoami
    labels:
      traefik.enable: 'true'
      traefik.http.routers.to-whoami-secure.rule: Host(`some.random.domain`)
      traefik.http.routers.to-whoami-secure.entrypoints: web,websecure

networks:
  default:
    external:
      name: traefik_network
```
If you want to keep your port mapping, you have to change the flag --entrypoints.web.http.redirections.entrypoint.to=websecure
to --entrypoints.web.http.redirections.entrypoint.to=:65001
```yaml
version: '3.7'

services:
  traefik:
    image: traefik:v2.3.1
    container_name: traefik
    ports:
      - 65000:80
      - 65001:443
      - 127.0.0.1:65002:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /home/traefik/letsencrypt/acme.json:/acme.json
      - /home/traefik/dynconf/dyn.toml:/dynconf/dyn.toml
      - /home/traefik/certs/:/certs/
    command:
      - --api
      - --entrypoints.dashboard.address=:8080
      - --entrypoints.web.address=:80
      - --entrypoints.web.http.redirections.entrypoint.to=:65001
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      - --entrypoints.web.http.redirections.entrypoint.permanent=true
      - --entrypoints.websecure.address=:443
      - --entrypoints.websecure.http.tls=true
      - --providers.docker.exposedByDefault=false
      - --providers.docker.network=traefik_network
      - --providers.file.directory=/dynconf
      - --providers.file.watch=true
    labels:
      traefik.enable: 'true'
      traefik.http.routers.to-dashboard.rule: Host(`dashboard.local`)
      traefik.http.routers.to-dashboard.entrypoints: dashboard
      traefik.http.routers.to-dashboard.middlewares: auth
      traefik.http.routers.to-dashboard.service: api@internal
      traefik.http.middlewares.auth.basicauth.users: admin:<PASSWORD>

  httpecho:
    image: hashicorp/http-echo
    container_name: httpecho
    command: "-text='hello world!'"
    labels:
      traefik.enable: 'true'
      traefik.http.routers.to-httpecho-secure.rule: Host(`subdomain.random.domain`)
      traefik.http.routers.to-httpecho-secure.entrypoints: web,websecure

  whoami:
    image: traefik/whoami
    container_name: whoami
    labels:
      traefik.enable: 'true'
      traefik.http.routers.to-whoami-secure.rule: Host(`some.random.domain`)
      traefik.http.routers.to-whoami-secure.entrypoints: web,websecure

networks:
  default:
    external:
      name: traefik_network
```
1 Like
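A pre-deployment check for the mismatch described in the answer above, added here as an example (it is not code from the thread or from Traefik): it flags an entry point redirect whose port is not a host port published to one of Traefik's own entry points, which is the case where clients land on another server and see its certificate. The function names are hypothetical, and the sample inputs are constructed from the thread's configurations, with the question's TOML entry points written as the equivalent CLI flags.

```python
import re

def host_to_container(ports):
    """Map published host port -> container port from compose 'ports' entries."""
    mapping = {}
    for entry in ports:
        parts = str(entry).split("/")[0].split(":")
        if len(parts) >= 2:                       # skip entries with no host port
            mapping[int(parts[-2])] = int(parts[-1])
    return mapping

def parse_flags(command):
    """Turn ['--a.b=c', ...] into {'a.b': 'c'}; keys are lowercased so the
    entryPoints/entrypoints spellings used in the thread compare equal."""
    flags = {}
    for arg in command:
        key, _, value = arg.lstrip("-").partition("=")
        flags[key.lower()] = value
    return flags

def check_redirects(ports, command):
    """Return one finding per entry point redirect whose port clients cannot reach."""
    published = host_to_container(ports)
    flags = parse_flags(command)
    listen = {}                                   # entry point name -> container port
    for key, value in flags.items():
        m = re.fullmatch(r"entrypoints\.([^.]+)\.address", key)
        if m:
            listen[m.group(1)] = int(value.rsplit(":", 1)[1])
    findings = []
    for key, target in flags.items():
        m = re.fullmatch(r"entrypoints\.([^.]+)\.http\.redirections\.entrypoint\.to", key)
        if m:
            # 'to' is either an entry point name or a literal ':port'
            port = int(target[1:]) if target.startswith(":") else listen[target.lower()]
            if published.get(port) not in listen.values():
                findings.append(f"{m.group(1)}: redirect sends clients to :{port}, "
                                "which is not published to a Traefik entry point")
    return findings

# Constructed inputs: the question's setup, then the two fixes from the answer.
BASE = ["--entrypoints.web.address=:80", "--entrypoints.websecure.address=:443"]
REDIR = "--entrypoints.web.http.redirections.entrypoint.to="
ORIGINAL = (["65000:80", "65001:443", "127.0.0.1:65002:9090"], BASE + [REDIR + "websecure"])
LITERAL_PORT = (["65000:80", "65001:443"], BASE + [REDIR + ":65001"])
SAME_PORTS = (["65000:65000", "65001:65001"],
              ["--entrypoints.web.address=:65000",
               "--entrypoints.websecure.address=:65001", REDIR + "websecure"])
```

`check_redirects(*ORIGINAL)` reports the redirect to `:443`, while both corrected layouts return no findings.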
Thank you so much for all this information!
system
Closed
October 18, 2020, 8:16pm
4
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.