StripPrefix is not working with https by sending the subpath as well

jaydevops · March 22, 2020, 5:02am

The docker-compose file is as follows:
Using traefik:latest
traefik compose file:

version: '3.5'
services:
  traefik:
    image: traefik:latest
    container_name: traefik
    networks:
      - "traefikvnet"
    command:
      #- --api.insecure=true
      - --api.dashboard=true
      - --api.debug=true
      - --providers.docker
        # setup dynamic config directory as /config volume
      - --providers.file.directory=/config
      - --providers.file.watch=true
        # setup http entrypoint on port 80
      - --entrypoints.web.address=:80
        # setup https entrypoint on port 9443
      - --entrypoints.websecure.address=:443
      #- --entrypoints.traefik.address=:8080
      - --log.filePath=/logs/traefik.log
      - --log.level=debug
      - --log.format=json
      - --accesslog=true
      - --accesslog.filepath=/logs/access.log
      - --accesslog.format=json
    labels:
      # catchall http -> https redirect
      - traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
      - traefik.http.routers.http-catchall.entrypoints=web
      - traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker
      - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
      - traefik.http.middlewares.redirect-to-https.redirectscheme.port=443
      - traefik.http.routers.traefikapi.rule=Host(`traefik.local.net`)
      - traefik.http.routers.traefikapi.service=api@internal
      - traefik.http.routers.traefikapi.tls=true
      #- traefik.http.routers.traefikapi.middlewares.auth.basicauth.users=test:mypasswordtoreplace

    ports:
        # http port
      - "80:80"
        # https port - backends to 443
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
        # config volume from this repo as readonly
      - ./config:/config:ro
        # adding volume containing ssl certs
      - ./certs:/certs:ro
        # adding volume for log files
      - ./logs:/logs
    restart: always

networks:
  traefikvnet:
    external:
      name: reverseproxyvnet

api-compose file

version: "3.5"
services:
  myapi:
    image: jaydevops/myapi:latest
    env_file: 
      - "~/myapi/myenv.env"
    networks:
        - "traefikvnet"
    labels:
      - traefik.http.middlewares.myapistrip.stripprefix.prefixes=/myapi
      - traefik.http.middlewares.myapistrip.stripprefix.forceslash=false
      - traefik.enable=true
      - traefik.http.routers.myapi.entrypoints=websecure
      - traefik.http.routers.myapi.tls=true
      - traefik.http.routers.myapi.rule=Host(`api.local.net`) && PathPrefix(`/myapi`)
      - traefik.http.routers.myapi.middlewares=myapistrip
    restart: always

networks:
  traefikvnet:
  external:
    name: reverseproxyvnet

The examples works for subdomains that was built with no stripprfeix:
web. & logs.local.net
traefik.local.net/api/rawadata
traefik.local.net/dashboard/

I used the following example code to build the secured.

Using the same cert for all domains as found in the above example.

Ironically, the whoami example is displaying stripped path.

What would make nodejs application, php applications not work?

#StripPrefix #TLS

Topic		Replies	Views
HTTPS Redirection Default Traefik v2 (latest) docker , middleware	2	412	May 21, 2020
Redirect scheme (http to https) not working Traefik v2 (latest) middleware	6	3918	October 10, 2022
Http to https redirect - Again Traefik v2 (latest) docker	10	1471	February 24, 2020
Cannot get http -> https redirect to work properly Traefik v2 (latest) docker , middleware	3	1678	December 12, 2019
Unable to securely(https) access the application with traefik in docker-compose Traefik v1 docker	0	374	May 27, 2022

StripPrefix is not working with https by sending the subpath as well

Related Topics