Hi
I have a web app in Docker:
FRONT
react
BACK
lravel-echo-server
nginx
redis
php-fpm
......
To work with it i go to 127.0.0.1:5000(FRONT-react port) and everything fine.It sends requests to the backend, nginx manages them.
Now I need to add HTTPS. In fact, I need reverse-proxy. My application does not know how to work over https, so the logic of work for it should not change, it should think that it works over http with itself. But at the same time, it needs to stick out and work in the browser via HTTPS.
I try to place Traefik to FRONT to 80 port/
version: '3.5'
networks:
frontend:
driver: ${NETWORKS_DRIVER}
backend:
driver: ${NETWORKS_DRIVER}
volumes:
react:
driver: ${VOLUMES_DRIVER}
traefik:
driver: ${VOLUMES_DRIVER}
services:
### react #####################################################
react:
image: ${REGISTRY_URL}/react
ports:
- "5000:3000"
stdin_open: true
environment:
- CHOKIDAR_USEPOLLING=true
- REACT_APP_SCHEME=${REACT_APP_SCHEME}
- REACT_APP_BACKEND_PORT=${REACT_APP_BACKEND_PORT}
- REACT_APP_LARAVEL_ECHO_PORT=${REACT_APP_LARAVEL_ECHO_PORT}
- REACT_CLIENT_ID=${REACT_CLIENT_ID}
- REACT_CLIENT_SECRET=${REACT_CLIENT_SECRET}
labels:
- traefik.http.routers.https.rule=Host(`${DOMAIN}`)
- traefik.http.routers.https.entrypoints=https
#- traefik.http.routers.https.tls=true
#- traefik.http.routers.https.tls.certresolver=${CERT_RESOLVER}
networks:
- frontend
- backend
restart: always
### traefik #####################################################
traefik:
image: traefik:latest
command:
# Be careful in production as it exposes the traffic you might not want to expose.
#--log.level=DEBUG
- --entrypoints.http.address=:80
- --entrypoints.https.address=:443
- --providers.docker=true
- --api=true
# LetsEncrypt Staging Server - uncomment when testing
# - --certificatesResolvers.letsencrypt.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http
- --certificatesresolvers.letsencrypt.acme.email=${EMAIL}
- --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
labels:
# Redirect all HTTP traffic to HTTPS
- traefik.http.routers.to-https.rule=HostRegexp(`{host:.+}`)
- traefik.http.routers.to-https.entrypoints=http
- traefik.http.routers.to-https.middlewares=to-https
- traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN}`)
- traefik.http.routers.traefik.entrypoints=https
- traefik.http.routers.traefik.middlewares=auth
- traefik.http.routers.traefik.service=api@internal
- traefik.http.routers.traefik.tls=true
- traefik.http.routers.traefik.tls.certresolver=${CERT_RESOLVER}
- traefik.http.middlewares.to-https.redirectscheme.scheme=https
ports:
- 80:80
- 443:443
volumes:
- ./data/letsencrypt:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock:ro
stdin_open: true
networks:
- frontend
- backend
restart: always
My docker-compose here.
Now when i try in Mozilla HTTP, everything fine with IP or domain.
But when i try HTTPS(dont disable in Mozilla) my backend sends errors.
Apparently he tries to work on https too. It's like a redirect, but not a reverse proxy.
What should I do so that my Traefik will stand in front of React on port 80, and only accept requests on 443, and then send them to react on port 5000 over HTTP? Maybe compose in not clear but everything i want is https to my react