Hello everyone.
On Docker I run Traefik with the following configuration:
```yaml
version: "3.8"
services:
  traefik:
    container_name: Traefik
    image: traefik:latest
    environment:
      # TRAEFIK_LOG_LEVEL: 'DEBUG'
      TRAEFIK_GLOBAL_CHECKNEWVERSION: 'true'
      TRAEFIK_PROVIDERS_DOCKER: 'true'
      TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT: 'false'
      TRAEFIK_PROVIDERS_FILE_FILENAME: '/configurations/dynamic.yml'
      TRAEFIK_API: 'true'
      TRAEFIK_API_DASHBOARD: 'true'
      TRAEFIK_API_INSECURE: 'true'
      OVH_ENDPOINT: 'ovh-eu'
      OVH_APPLICATION_KEY: 'xxx'
      OVH_APPLICATION_SECRET: 'xxx'
      OVH_CONSUMER_KEY: 'xxx'
      TRAEFIK_CERTIFICATESRESOLVERS_certbot: 'true'
      TRAEFIK_CERTIFICATESRESOLVERS_certbot_ACME_DNSCHALLENGE: 'true'
      TRAEFIK_CERTIFICATESRESOLVERS_certbot_ACME_DNSCHALLENGE_PROVIDER: 'ovh'
      TRAEFIK_CERTIFICATESRESOLVERS_certbot_ACME_EMAIL: 'info@mydomain.com'
      TRAEFIK_CERTIFICATESRESOLVERS_certbot_ACME_STORAGE: '/letsencrypt/acme.json'
      TRAEFIK_ENTRYPOINTS_web: 'true'
      TRAEFIK_ENTRYPOINTS_websec: 'true'
      TRAEFIK_ENTRYPOINTS_web_ADDRESS: ':80'
      TRAEFIK_ENTRYPOINTS_websec_ADDRESS: ':443'
      TRAEFIK_ENTRYPOINTS_smtp: 'true'
      TRAEFIK_ENTRYPOINTS_imap: 'true'
      TRAEFIK_ENTRYPOINTS_smtp_ADDRESS: ':465'
      TRAEFIK_ENTRYPOINTS_imap_ADDRESS: ':993'
      TRAEFIK_ENTRYPOINTS_web_HTTP_REDIRECTIONS_ENTRYPOINT_TO: 'websec'
      TRAEFIK_ENTRYPOINTS_web_HTTP_REDIRECTIONS_ENTRYPOINT_PERMANENT: 'true'
      TRAEFIK_ENTRYPOINTS_web_HTTP_REDIRECTIONS_ENTRYPOINT_SCHEME: 'https'
    ports:
      - 8051:80/tcp   # Traefik HTTP
      - 8052:8080/tcp # Traefik WebUI
      - 4351:443/tcp  # Traefik HTTPs
      - 465:465/tcp   # Traefik SMTPs
      - 993:993/tcp   # Traefik IMAPs
    restart: unless-stopped
```
It also contains a dynamic configuration file:
```yaml
http:
  middlewares:
    WebHeaderMain:
      headers:
        frameDeny: true
        browserXssFilter: true
        stsincludesubdomains: false
        stspreload: true
        stsseconds: 31536000
        isdevelopment: false
        contentTypeNosniff: true
        customFrameOptionsValue: SAMEORIGIN
        referrerPolicy: no-referrer
        contentSecurityPolicy: default-src 'self'
tcp:
  middlewares:
    MailLimitsSMTP:
      inFlightConn:
        amount: 25
    MailLimitsIMAP:
      inFlightConn:
        amount: 25
```
I have two HTTP web servers, one for the main domain "mydomain.com" and a second for "subdomain.mydomain.com":
```yaml
labels:
  - "traefik.enable=true"
  - "traefik.http.routers.httpd_main.entrypoints=web, websec"
  - "traefik.http.routers.httpd_main.rule=Host(`mydomain.com`)"
  - "traefik.http.routers.httpd_main.service=WebHTTPmain"
  - 'traefik.http.services.WebHTTPmain.loadbalancer.server.port=80'
  - "traefik.http.routers.httpd_main.tls=true"
  - "traefik.http.routers.httpd_main.tls.certresolver=certbot"
  - "traefik.http.routers.httpd_main.middlewares=WebHeaderMain@file"
```

```yaml
labels:
  - "traefik.enable=true"
  - "traefik.http.routers.httpd_info.entrypoints=web, websec"
  - "traefik.http.routers.httpd_info.rule=Host(`subdomain.mydomain.com`)"
  - "traefik.http.routers.httpd_info.service=WebHTTPinfo"
  - 'traefik.http.services.WebHTTPinfo.loadbalancer.server.port=80'
  - "traefik.http.routers.httpd_info.tls=true"
  - "traefik.http.routers.httpd_info.tls.certresolver=certbot"
  - "traefik.http.routers.httpd_info.middlewares=WebHeaderMain@file"
```
The third configuration is my mail server, with two services on ports 465 and 993 which are available on mail.mydomain.com:
```yaml
mailserver:
  container_name: MailServer
  image: docker.io/mailserver/docker-mailserver:latest
  labels:
    - "traefik.enable=true"
    ### SMTPs
    - "traefik.tcp.routers.poczta_smtp.entrypoints=smtp"
    # - "traefik.tcp.routers.poczta_smtp.middlewares=MailLimitsSMTP@file"
    - "traefik.tcp.routers.poczta_smtp.rule=HostSNI(`mail.mydomain.com`)"
    - "traefik.tcp.routers.poczta_smtp.service=MailSMTPservice"
    - "traefik.tcp.routers.poczta_smtp.tls=true"
    - "traefik.tcp.routers.poczta_smtp.tls.certresolver=certbot"
    - 'traefik.tcp.services.MailSMTPservice.loadbalancer.server.port=465'
    ### IMAPs
    - "traefik.tcp.routers.poczta_imap.entrypoints=imap"
    # - "traefik.tcp.routers.poczta_imap.middlewares=MailLimitsIMAP@file"
    - "traefik.tcp.routers.poczta_imap.rule=HostSNI(`mail.mydomain.com`)"
    - "traefik.tcp.routers.poczta_imap.service=MailIMAPservice"
    - "traefik.tcp.routers.poczta_imap.tls=true"
    - "traefik.tcp.routers.poczta_imap.tls.certresolver=certbot"
    - 'traefik.tcp.services.MailIMAPservice.loadbalancer.server.port=993'
```
In the Traefik GUI everything looks OK. Both web servers work correctly.
I only have a problem with the TCP routes.
When I telnet to port 465, I don't receive the standard mail server greeting but an HTTP 400 error.
Even if I disable the mailserver container, I receive the same error.
On Docker I have several other containers, but they are connected to different networks and they don't use Traefik.
```
HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close
400 Bad Request
```