Secure dashboard at / not at /dashboard/

I'm trying to expose traefik over SSL using a custom domain name.
Similar to how the insecure option works, that auto redirects / to /dashboard/.
It seems that the insecure options creates two internal middlewares. dashboard_stripprefix@internal and dashboard_redirect@internal, but they are not available when insecure=false.

https://traefik.insanegenius.net/ redirects to https://traefik.insanegenius.net/index.php/dashboard/? that is 404.
Removing the index.php and using https://traefik.insanegenius.net/dashboard/ works correctly.
The injection of index.php seems to be a bug?

How do I recreate the internal dashboard rules, or how do I enable them when insecure is not enabled, or how to I expose the dashboard directly at /?

Ansible config for container:

---

# Install Traefik bound to port forwarding network

# https://docs.ansible.com/ansible/latest/modules/docker_container_module.html
- name: 'Install Traefik Public'
  docker_container:
    name: traefik-public
    image: traefik
    pull: yes
    hostname: gateway
    domainname: "{{ ansible_domain }}"
    restart_policy: unless-stopped
    command:
      - "--configfile=/config/traefik-public.yml"
    env:
      TZ: "America/Los_Angeles"
    volumes:
      - "{{ appdata_dir }}/traefik/config:/config"
      - "/var/run/docker.sock:/var/run/docker.sock"
    networks:
      - name: "{{ docker_public_network }}"
        ipv4_address: 192.168.1.48 # gateway.home.insanegenius.net
      - name: "{{ docker_local_network }}"
    # published_ports:
      # Bind to static IP, do not expose any ports to host
      # - 80:80
      # - 443:443
      # - 8080:8080
    labels:
      traefik.enable: "true"
      traefik.http.routers.traefik-public.rule: "HostHeader(`traefik.{{ external_domain }}`)" # "HostHeader(`traefik.{{ external_domain }}`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      traefik.http.routers.traefik-public.entrypoints: "websecure"
      traefik.http.routers.traefik-public.service: "api@internal"
      #traefik.http.routers.traefik-public.middlewares: "dashboard_stripprefix@internal,dashboard_redirect@internal"
    recreate: "{{ docker_container_recreate }}"
    networks_cli_compatible: yes

Static config:

global:
  sendAnonymousUsage: true

log:
  level: "WARN" # DEBUG, PANIC, FATAL, ERROR, WARN, and INFO

api:
  dashboard: true
  insecure: false # true, false

providers:
  docker:
    exposedByDefault: false
    network: "localnet" # {{ docker_local_network }}
  file:
    filename: "/config/dynamic.yml"

# https://docs.traefik.io/routing/entrypoints/
entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
  websecure:
    address: ":443"
    http:
      # --entrypoints.websecure.http.middlewares=traefik-forward-auth
      # --entrypoints.websecure.http.tls=true
      # --entrypoints.websecure.http.tls.certresolver=dns-cloudflare
      # --certificatesresolvers.dns-cloudflare.acme.email={{ cloudflare_email }}
      # --certificatesresolvers.dns-cloudflare.acme.storage=/config/acme.json
      # --certificatesresolvers.dns-cloudflare.acme.dnschallenge.provider=cloudflare
      # CF_DNS_API_TOKEN: "{{ cloudflare_dns_api_token }}"
      middlewares:
        # Enable auth for all services
        - "traefik-forward-auth@docker"
      tls:
        domains:
          - main: "home.insanegenius.net" # {{ ansible_domain }}
            sans:
              - "*.home.insanegenius.net" #*.{{ ansible_domain }}
          - main: "insanegenius.net" # {{ external_domain }}
            sans:
              - "*.insanegenius.net" # *.{{ external_domain }}

Dynamic config:

tls:
  stores:
    default: {}
  certificates:
    - certFile: "/config/star_insanegenius_net.crt"
      keyFile: "/config/star_insanegenius_net.key"
    - certFile: "/config/star_home_insanegenius_net.crt"
      keyFile: "/config/star_home_insanegenius_net.key"

I got that out of the box using a Host() rule. Traefik v2.2.1

curl -i https://traefik.example.com
HTTP/2 302 
content-type: text/html; charset=utf-8
location: /dashboard/
content-length: 34
date: Tue, 21 Jul 2020 19:56:50 GMT

<a href="/dashboard/">Found</a>.

Hmm, don't know what to say, did not work for me.
Cleared cookies, recreated the container, using v2.2.7, and now it works using the same config as posted.
Thx.

1 Like

Yep. Same on v2.2.6 using Host() or HostHeader()