Hello, I've been following the compose example to create my docker compose file for traefik. It looks like this:
services:
traefik:
image: "traefik:v3.1"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entryPoints.web.address=:80"
ports:
- "80:80"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
And then I have my service (Reposilite in this case) running in this compose:
services:
reposilite:
image: dzikoysk/reposilite
ports:
- 100:8080
environment:
- JAVA_OPTS=-Xmx256M
- REPOSILITE_OPTS=--port 8080
volumes:
- reposilite-data:/app/data
restart: unless-stopped
stdin_open: true
tty: true
labels:
- "traefik.enable=true"
- "traefik.http.routers.maven.rule=Host(`maven.radsteve.net`)"
- "traefik.http.routers.maven.entrypoints=web"
volumes:
reposilite-data: {}
But it just isn't accessible on maven.radsteve.net. I've checked the debug logs and I've been getting this:
> Configuration received config={"http":{"routers":{"maven":{"entryPoints":["web"],"rule":"Host(`maven.radsteve.net`)","service":"reposilite-maven"}},"services":{"reposilite-maven":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://192.168.112.2:8080"}]}}}},"tcp":{},"tls":{},"udp":{}} providerName=docker
Now, when I curl http://192.168.112.2:8080, I actually get my Reposilite instance. Why does this not work on my domain? On my domain, I just get a 404 page not found.
Might be worth to note that I'm using cloudflare with SSL set to full
After testing for a bit, it gives each web server its own IP. Still only a 404 from the route tho.
Docker/containers are mainly for isolation. One compose project can’t connect to another, unless you create a shared Docker network.
Check simple Traefik example.
Usually the target services would not use ports:, as that might enable circumventing Traefik security middlewares.
I've tried doing this: docker network create web
Traefik:
services:
traefik:
image: "traefik:v3.1"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entryPoints.web.address=:80"
- "--api.dashboard=true"
ports:
- "80:80"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- web
labels:
- "traefik.enable=true"
- "traefik.http.routers.admin.rule=Host(`traefik.radsteve.net`)"
- "traefik.http.routers.admin.service=api@internal"
- "traefik.http.routers.admin.middlewares=basicauth"
- "traefik.http.middlewares.myauth.basicauth.users=admin:redacted"
networks:
web:
external: true
And this as my reposilite compose:
services:
reposilite:
image: dzikoysk/reposilite
ports:
- 100:8080
environment:
- JAVA_OPTS=-Xmx256M
- REPOSILITE_OPTS=--port 8080
volumes:
- reposilite-data:/app/data
restart: unless-stopped
stdin_open: true
tty: true
labels:
- traefik.enable=true
- traefik.http.routers.maven.rule=Host(`maven.radsteve.net`)
- traefik.http.services.maven.loadbalancer.server.port=80
- traefik.http.middlewares.www.redirectregex.regex=^https://www\.(.*)
- traefik.http.middlewares.www.redirectregex.replacement=https://$${1}
- traefik.http.routers.maven.middlewares=www
networks:
- web
volumes:
reposilite-data: {}
networks:
web:
external: true
But I'm still getting a 404. On my maven domain AND dashboard domain.
Traefik debug log probably tells you about some of the errors:
- you create
myauth middleware, but assign basicauth
- you configure
loadbalancer.server.port=80, but the target service probably runs on 8080
- you add a
www redirectregex, but have no www domain in rule to match
Alright, I have fixed those. But for 2., I've tried setting it to 8080 and 100. Still getting 404s.
services:
traefik:
image: "traefik:v3.1"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entryPoints.web.address=:80"
- "--api.dashboard=true"
ports:
- "80:80"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- web
labels:
- "traefik.enable=true"
- "traefik.http.routers.admin.rule=Host(`traefik.radsteve.net`)"
- "traefik.http.routers.admin.service=api@internal"
- "traefik.http.routers.admin.middlewares=basicauth"
- "traefik.http.middlewares.basicauth.basicauth.users=admin:redacted"
networks:
web:
external: true
services:
reposilite:
image: dzikoysk/reposilite
ports:
- 100:8080
environment:
- JAVA_OPTS=-Xmx256M
- REPOSILITE_OPTS=--port 8080
volumes:
- reposilite-data:/app/data
restart: unless-stopped
stdin_open: true
tty: true
labels:
- traefik.enable=true
- traefik.http.routers.maven.rule=Host(`maven.radsteve.net`) || Host(`www.maven.radsteve.net`)
- traefik.http.services.maven.loadbalancer.server.port=100
- traefik.http.middlewares.www.redirectregex.regex=^https://www\.(.*)
- traefik.http.middlewares.www.redirectregex.replacement=https://$${1}
- traefik.http.routers.maven.middlewares=www
networks:
- web
volumes:
reposilite-data: {}
networks:
web:
external: true
I wrote earlier that you don’t need ports: on target services. Traefik connects to target services via the Docker network, within all ports are reachable. And according to your port mapping it should be internal port 8080.
Update: especially when using 
REPOSILITE_OPTS=--port 8080
Enable and check Traefik debug log and Traefik access log in JSON format. OriginStatus is (error) status from target service, DownstreamStatus what Traefik returns.
PS: you can probably remove the www redirect lines completely. It’s for humans entering www, but I would assume that a maven service is rather accessed programmatically.
Your service has some docs, I doubt that you need those lines in a compose file when it’s running in background:
stdin_open: true
tty: true
So I've tried adding this to my traefik command:
--accesslog=true
--accesslog.filepath=/var/log/traefik-access.log
But the file there is still empty. I've added a volume:
- "/var/log/traefik-access.log:/var/log/traefik-access.log"
But this is in my debug log:
{"http":{"middlewares":{"basicauth":{"basicAuth":{"users":["admin:redacted"]}}},"routers":{"admin":{"middlewares":["basicauth"],"rule":"Host(`traefik.radsteve.net`)","service":"api@internal"},"home":{"entryPoints":["web"],"rule":"Host(`radsteve.net`)","service":"nginx-homepage"},"maven":{"rule":"Host(`maven.radsteve.net`)","service":"maven"},"panel":{"entryPoints":["web"],"rule":"Host(`pterodactyl.radsteve.net`)","service":"panel-pterodactyl"}},"services":{"maven":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://192.168.112.2:8080"}]}},"nginx-homepage":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://192.168.32.2:80"}]}},"panel-pterodactyl":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://172.20.0.2:80"}]}},"traefik-traefik":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://192.168.112.3:80"}]}}}},"tcp":{},"tls":{},"udp":{}}
formatted json
Your debug log is not complete, every line should start with DBG, INF or ERR.
Use
--accesslog.format=json
and just check container output instead of separate file.
Yes, that was just a small snippet of my debug log. But I am still not getting any other JSON output other than that. The file is still empty.
As stated by @bluepuma77 I think your issue comes from exposing port 8080 in your compose file and binding it to a host port, by doing so I guess traefik is unable to bind to that port as it's already being used by the host, you may find some logs on your reposilite container. link to port detection using traefik
So it turns out, this entire time I have had an empty Traefik server running inside of Kubernetes... Because K3s ships with one and I didn't notice. Thanks anyway though!