I'm trying to limit the access to the traefik dashboard using ipwhitelist function
I'm using ipwhitelist in the way you see bellow but I can still access to it from different networks like 10.10.40.1/24
Is there a way to solve this? I'm using a valid domain and a lets encrypt cert but I don't want it to be accessed from internet although I'm not publishing this cname
Basically I don't want this app be accessed from anywhere except 10.10.10.1/24
###############################################################
# Traefik
###############################################################
version: '3.9'
# Services ####################################################
services:
traefik:
container_name: Traefik
image: traefik:latest
restart: unless-stopped
depends_on:
- socketproxy
networks:
socketproxy: # rename this to your custom docker network
br2:
ipv4_address: 10.10.50.250
dns: 10.10.50.5
ports:
- "80:80"
- "443:443"
- "8080:8080" # Dashboard port
volumes:
- "/mnt/user/Docker/Traefik:/etc/traefik/"
environment:
- TZ
- DOCKER_HOST=socketproxy
- CF_API_EMAIL=asdasdasdasda@gmail.com
- CF_DNS_API_TOKEN=asdasdasdasdasdasd
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.traefik-dashboard.ipwhitelist.sourcerange=10.10.10.1/24"
#- "traefik.http.middlewares.traefik-dashboard-ipwhitelist.ipwhitelist.ipstrategy.depth=2"
- "traefik.http.services.traefik-dashboard.loadbalancer.server.port=8080" #required
- "traefik.http.routers.traefik-dashboard.rule=Host(`traefik.testest.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
- "traefik.http.routers.traefik-dashboard.tls=true"
- "traefik.http.routers.traefik-dashboard.service=api@internal" #required
#- "traefik.http.routers.api.service=api@internal" #required
#- "traefik.http.routers.api.tls=true"
- "traefik.http.routers.traefik-dashboard.tls.certresolver=letsencrypt"
#- "traefik.http.routers.traefik-dashboard.entrypoints=https443"
socketproxy:
container_name: Traefik_socket-proxy
image: tecnativa/docker-socket-proxy
restart: unless-stopped
networks:
- socketproxy
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- LOG_LEVEL=info # debug,info,notice,warning,err,crit,alert,emerg
- CONTAINERS=1
- POST=0
privileged: true
networks:
br2:
driver: macvlan
external: true
socketproxy:
internal: true
Doesn't appear as middlewares
- "traefik.http.middlewares.traefik-dashboard.ipwhitelist.sourcerange=10.10.10.1/24"