Traefik 1.7 to 2.0 Docker for Windows

So basically I need to config files. One for static (docker and let'sencrypt) and one dynamy for https redirect and the capabilities from the old rules.toml file? I already read through the documentation, but if v1 was readable for a noob, v2 is way more complicated. Sorry for my ignorance.

There are many ways to slice a cat. I find it useful to start with something and then modify it when something does not work. For you I'd recommend to start with basic example. In this case you are using command line flags for static configuration (not file) and docker label for dynamic configuration (not file), but you can add files later if at any point you feel you need them. Remember though, that you cannot mix static configuration, so if you ever switch to a file, make sure to remove it from the command line!

I do understand that it may be difficult to get started. Just break down your migration tasks to smaller chunks. (Like, "get dashboard working", "get let's encrypt working", "get that app working", etc, what fits you), and work on them once at a time.

ok, after I put together everything I managed to find from the official documentation and from other forum examples, here's what I have so far.
For the moment my approach is to stop the traefik 1.7 container and start another one based on 2.0.1 for tests until I have a working environment again.

Below is my current compose file with traefik and a guinea pig container.
  bazarr:
    image: 'linuxserver/bazarr:latest'
    container_name: bazarr
    hostname: bazarr
    volumes:
      - '.\bazarr\config:/config'
    ports:
      - '6767:6767'
    environment:
      - TZ=Europe/Bucharest
      - com.ouroboros.enable=true
    restart: unless-stopped
    env_file:
      - .env
    labels:
#      - 'traefik.frontend.rule=Host:bazarr.DOMAIN.com'
#      - traefik.frontend.passHostHeader=true
#      - traefik.enable=true
      - traefik.port=6767
#      - traefik.backend=bazarr
      - "traefik.enable=true"
      - "traefik.http.routers.bazarr_http.rule=Host(`bazarr.DOMAIN.com`)"
      - "traefik.http.routers.bazarr_http.entrypoints=http"
      - "traefik.http.routers.bazarr_http.middlewares=redirect-https-bazarr"
      - "traefik.http.middlewares.redirect-https-bazarr.redirectscheme.scheme=https"
      - "traefik.http.routers.bazarr_https.rule=Host(`bazarr.DOMAIN.com`)"
      - "traefik.http.routers.bazarr_https.entrypoints=https"
      - "traefik.http.routers.bazarr_https.tls=true"
      - "traefik.http.routers.bazarr_https.tls.certResolver=letsencrypt"    
      - "traefik.http.services.bazarr.loadbalancer.server.port=6767"  
  traefik_2.0.1:
    image: traefik
    container_name: traefik_2.0
    hostname: traefik_2.0
    ports:
      - '443:443'
      - '80:80'
      - '8080:8080'
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock'
      - '.\traefik_2.0.1\traefik.yml:/etc/traefik/traefik.yml'
    env_file:
      - .env
    restart: unless-stopped
    domainname: '${ZONE}'
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik_https.rule=Host(`traefik.localhost`)"
      - "traefik.http.routers.traefik_https.entrypoints=https"
      - "traefik.http.routers.traefik_https.tls=true"
      - "traefik.http.routers.traefik_https.tls.certResolver=letsencrypt"
      - "traefik.http.routers.traefik_https.service=api@internal"
      - "traefik.http.routers.http_traefik.rule=Host(`traefik.localhost`)"
      - "traefik.http.routers.http_traefik.entrypoints=http"
      - "traefik.http.routers.http_traefik.middlewares=https_redirect"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"
    environment:
      - 'CF_API_EMAIL=${EMAIL}'
      - 'CF_API_KEY=${API_KEY}'
      - com.ouroboros.enable=true
      - TZ=Europe/Bucharest
    command:
      - '--acme.storage=/acme.json'
      - '--log.level=DEBUG'
      - '--log.filePath=/traefik.log'
      - '--log.format=json'
      - '--global.checkNewVersion=true'
      - '--global.sendAnonymousUsage=false'
      - '--entryPoints.http.address=:80'
      - '--entryPoints.https.address=:443'
      - '--api'
      - '--ping'
      - '--certificatesResolvers.letsencrypt.acme.email="EMAIL@gmail.com"'
      - '--certificatesResolvers.letsencrypt.acmestorage="acme.json"'
      - '--certificatesResolvers.letsencrypt.acme.dnsChallenge.provider="cloudflare"'
      - '--providers.docker.exposedByDefault=false'
      - '--providers.docker.watch=true'
      - '--providers.docker.swarmMode=false'

Dashboard available, and Bazarr service looks ok.
9 Routers, 7 Services and 2 Middlewares. To be noted that only one (bazarr) container is setup for traefik 2.0

No errors across the dashboard, but certificates are not being fetched.

Here's my latest log since the last restart of the container.
time="2019-10-01T14:47:03+03:00" level=info msg="Server stopped",
time="2019-10-01T14:47:03+03:00" level=info msg="Shutting down",
time="2019-10-01T14:47:11+03:00" level=info msg="Configuration loaded from file: /etc/traefik/traefik.yml",
time="2019-10-01T14:47:11+03:00" level=info msg="Traefik version 2.0.1 built on 2019-09-26T16:18:03Z",
time="2019-10-01T14:47:11+03:00" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"insecureSkipVerify\":true,\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"http\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"https\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}}},\"providers\":{\"providersThrottleDuration\":2000000000,\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000},\"file\":{\"watch\":true,\"filename\":\"/etc/traefik/rules.toml\"}},\"api\":{\"insecure\":true,\"dashboard\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"},\"certificatesResolvers\":{\"default\":{\"acme\":{\"email\":\"EMAIL@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/acme.json\",\"keyType\":\"RSA4096\",\"dnsChallenge\":{\"provider\":\"cloudflare\",\"delayBeforeCheck\":120000000000,\"resolvers\":[\"1.1.1.1:53\"]}}}}}",
time="2019-10-01T14:47:11+03:00" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/v2.0/contributing/data-collection/\n",
time="2019-10-01T14:47:11+03:00" level=debug msg="No default certificate, generating one",
time="2019-10-01T14:47:11+03:00" level=info msg="Starting provider aggregator.ProviderAggregator {}",
time="2019-10-01T14:47:11+03:00" level=debug msg="Start TCP Server" entryPointName=https,
time="2019-10-01T14:47:11+03:00" level=debug msg="Start TCP Server" entryPointName=traefik,
time="2019-10-01T14:47:11+03:00" level=debug msg="Start TCP Server" entryPointName=http,
time="2019-10-01T14:47:11+03:00" level=info msg="Starting provider *file.Provider {\"watch\":true,\"filename\":\"/etc/traefik/rules.toml\"}",
time="2019-10-01T14:47:11+03:00" level=error msg="Cannot start the provider *file.Provider: error reading configuration file: /etc/traefik/rules.toml - open /etc/traefik/rules.toml: no such file or directory",
time="2019-10-01T14:47:11+03:00" level=info msg="Starting provider *acme.Provider {\"email\":\"EMAIL@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/acme.json\",\"keyType\":\"RSA4096\",\"dnsChallenge\":{\"provider\":\"cloudflare\",\"delayBeforeCheck\":120000000000,\"resolvers\":[\"1.1.1.1:53\"]},\"ResolverName\":\"default\",\"store\":{},\"ChallengeStore\":{}}",
time="2019-10-01T14:47:11+03:00" level=info msg="Testing certificate renew..." providerName=default.acme,
time="2019-10-01T14:47:11+03:00" level=info msg="Starting provider *docker.Provider {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000}",
time="2019-10-01T14:47:11+03:00" level=debug msg="Configuration received from provider default.acme: {\"http\":{},\"tls\":{}}" providerName=default.acme,
time="2019-10-01T14:47:11+03:00" level=debug msg="No default certificate, generating one",
time="2019-10-01T14:47:11+03:00" level=debug msg="Provider connection established with docker 19.03.2 (API 1.40)" providerName=docker,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=kibana-media-server-c1316fbc05f3a7eb527d270d1f1a037f84d0b8fff256f0abd5d5392bd8668291,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=filebeat-media-server-f80e988ab2b068b18cdc6fb193817361377435241652be1cf18f20b37346bae5,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=elasticsearch-media-server-48620b88fa282f6d4471f3ae2a36155d0e3c12d78dda63e59b49a1218e6111a8,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" container=ouroboros-media-server-2c373d7a804d3b62c02c16fe99dda574996cbe0f7bb0c004a245b8a1c41166df providerName=docker,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" container=chronograf-media-server-42f5ff510c4cae99e65defc4f42a9ce0c04466cda021117f9879cf3376f6504e providerName=docker,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=influxdb-telegraf-media-server-5ea37b993a0dfa03a961971d7ca28b8cd9cc745642de30e541963e2b03259c93,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=portainer-media-server-c5d350f8f78bd181729c91f52e3a9cbcfca18b4072c807a321307a5aca415a60,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=logarr-media-server-c7cf89bea2d8bc5b4ffbfc25ab4513b9e5ffb714ecb18f46b793a7bdf93fd7f5,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=cloudflare-ddns-media-server-c885127c8daf936bcec87b253a9aa404500bf662ff7c50f7e6fc63f898ae55c4,
time="2019-10-01T14:47:11+03:00" level=debug msg="Filtering disabled container" providerName=docker container=piholeinflux-media-server-462d6822c39e3da20a725b24ad3c60ed7a2a61d37a996f9bf33431aeceada7b9,
time="2019-10-01T14:47:11+03:00" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"bazarr_http\":{\"entryPoints\":[\"http\"],\"middlewares\":[\"redirect-https-bazarr\"],\"service\":\"bazarr\",\"rule\":\"Host(`bazarr.DOMAIN.com`)\"},\"bazarr_https\":{\"entryPoints\":[\"https\"],\"service\":\"bazarr\",\"rule\":\"Host(`bazarr.DOMAIN.com`)\",\"tls\":{\"certResolver\":\"letsencrypt\"}},\"grafana-media-server\":{\"service\":\"grafana-media-server\",\"rule\":\"Host(`grafana-media-server`)\"},\"heimdall-media-server\":{\"service\":\"heimdall-media-server\",\"rule\":\"Host(`heimdall-media-server`)\"},\"http_traefik\":{\"entryPoints\":[\"http\"],\"middlewares\":[\"https_redirect\"],\"service\":\"traefik-2-0-1-media-server\",\"rule\":\"Host(`traefik.localhost`)\"},\"ombi-media-server\":{\"service\":\"ombi-media-server\",\"rule\":\"Host(`ombi-media-server`)\"},\"organizr-media-server\":{\"service\":\"organizr-media-server\",\"rule\":\"Host(`organizr-media-server`)\"},\"tautulli-media-server\":{\"service\":\"tautulli-media-server\",\"rule\":\"Host(`tautulli-media-server`)\"},\"traefik_https\":{\"entryPoints\":[\"https\"],\"service\":\"api@internal\",\"rule\":\"Host(`traefik.localhost`)\",\"tls\":{\"certResolver\":\"letsencrypt\"}}},\"middlewares\":{\"https_redirect\":{\"redirectScheme\":{\"scheme\":\"https\",\"permanent\":true}},\"redirect-https-bazarr\":{\"redirectScheme\":{\"scheme\":\"https\"}}},\"services\":{\"bazarr\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.7:6767\"}],\"passHostHeader\":true}},\"grafana-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.2:3000\"}],\"passHostHeader\":true}},\"heimdall-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.15:80\"}],\"passHostHeader\":true}},\"ombi-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.4:3579\"}],\"passHostHeader\":true}},\"organizr-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.18:80\"}],\"passHostHeader\":true}},\"tautulli-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.16:8181\"}],\"passHostHeader\":true}},\"traefik-2-0-1-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.8:80\"}],\"passHostHeader\":true}}}},\"tcp\":{}}" providerName=docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=heimdall-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=organizr-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=grafana-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=ombi-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=tautulli-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" routerName=http_traefik@docker serviceName=traefik-2-0-1-media-server entryPointName=http middlewareName=pipelining middlewareType=Pipelining,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=http_traefik@docker serviceName=traefik-2-0-1-media-server,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.8:80" entryPointName=http routerName=http_traefik@docker serviceName=traefik-2-0-1-media-server serverName=0,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware traefik-2-0-1-media-server" entryPointName=http routerName=http_traefik@docker middlewareName=tracing middlewareType=TracingForwarder,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" entryPointName=http routerName=http_traefik@docker middlewareName=https_redirect@docker middlewareType=RedirectScheme,
time="2019-10-01T14:47:12+03:00" level=debug msg="Setting up redirection to https " middlewareName=https_redirect@docker middlewareType=RedirectScheme entryPointName=http routerName=http_traefik@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Adding tracing to middleware" entryPointName=http routerName=http_traefik@docker middlewareName=https_redirect@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" serviceName=organizr-media-server entryPointName=http middlewareName=pipelining middlewareType=Pipelining routerName=organizr-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=organizr-media-server@docker serviceName=organizr-media-server,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.18:80" routerName=organizr-media-server@docker serviceName=organizr-media-server serverName=0 entryPointName=http,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware organizr-media-server" entryPointName=http middlewareName=tracing middlewareType=TracingForwarder routerName=organizr-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" entryPointName=http middlewareName=pipelining middlewareType=Pipelining routerName=grafana-media-server@docker serviceName=grafana-media-server,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" routerName=grafana-media-server@docker serviceName=grafana-media-server entryPointName=http,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.2:3000" routerName=grafana-media-server@docker serviceName=grafana-media-server entryPointName=http serverName=0,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware grafana-media-server" entryPointName=http middlewareName=tracing middlewareType=TracingForwarder routerName=grafana-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" middlewareType=Pipelining entryPointName=http routerName=ombi-media-server@docker serviceName=ombi-media-server middlewareName=pipelining,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=ombi-media-server@docker serviceName=ombi-media-server,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.4:3579" entryPointName=http routerName=ombi-media-server@docker serviceName=ombi-media-server serverName=0,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware ombi-media-server" entryPointName=http routerName=ombi-media-server@docker middlewareName=tracing middlewareType=TracingForwarder,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" entryPointName=http routerName=tautulli-media-server@docker middlewareName=pipelining middlewareType=Pipelining serviceName=tautulli-media-server,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" serviceName=tautulli-media-server entryPointName=http routerName=tautulli-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.16:8181" serverName=0 entryPointName=http routerName=tautulli-media-server@docker serviceName=tautulli-media-server,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware tautulli-media-server" middlewareName=tracing routerName=tautulli-media-server@docker entryPointName=http middlewareType=TracingForwarder,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" serviceName=bazarr routerName=bazarr_http@docker entryPointName=http middlewareName=pipelining middlewareType=Pipelining,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" routerName=bazarr_http@docker entryPointName=http serviceName=bazarr,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.7:6767" entryPointName=http serviceName=bazarr serverName=0 routerName=bazarr_http@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware bazarr" middlewareName=tracing middlewareType=TracingForwarder entryPointName=http routerName=bazarr_http@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" middlewareType=RedirectScheme entryPointName=http routerName=bazarr_http@docker middlewareName=redirect-https-bazarr@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Setting up redirection to https " entryPointName=http routerName=bazarr_http@docker middlewareName=redirect-https-bazarr@docker middlewareType=RedirectScheme,
time="2019-10-01T14:47:12+03:00" level=debug msg="Adding tracing to middleware" routerName=bazarr_http@docker middlewareName=redirect-https-bazarr@docker entryPointName=http,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" serviceName=heimdall-media-server middlewareName=pipelining middlewareType=Pipelining entryPointName=http routerName=heimdall-media-server@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=heimdall-media-server@docker serviceName=heimdall-media-server,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.15:80" serviceName=heimdall-media-server entryPointName=http routerName=heimdall-media-server@docker serverName=0,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware heimdall-media-server" entryPointName=http routerName=heimdall-media-server@docker middlewareName=tracing middlewareType=TracingForwarder,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware api@internal" middlewareType=TracingForwarder entryPointName=https routerName=traefik_https@docker middlewareName=tracing,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" serviceName=bazarr entryPointName=https routerName=bazarr_https@docker middlewareName=pipelining middlewareType=Pipelining,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating load-balancer" entryPointName=https routerName=bazarr_https@docker serviceName=bazarr,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating server 0 http://172.18.0.7:6767" entryPointName=https routerName=bazarr_https@docker serviceName=bazarr serverName=0,
time="2019-10-01T14:47:12+03:00" level=debug msg="Added outgoing tracing middleware bazarr" middlewareName=tracing middlewareType=TracingForwarder entryPointName=https routerName=bazarr_https@docker,
time="2019-10-01T14:47:12+03:00" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery,
time="2019-10-01T14:47:12+03:00" level=debug msg="No default certificate, generating one",
time="2019-10-01T14:47:12+03:00" level=error msg="the router traefik_https uses a non-existent resolver: letsencrypt",
time="2019-10-01T14:47:12+03:00" level=error msg="the router bazarr_https uses a non-existent resolver: letsencrypt",
time="2019-10-01T14:49:02+03:00" level=debug msg="Serving default certificate for request: \"bazarr.DOMAIN.com\"",
time="2019-10-01T14:49:02+03:00" level=debug msg="http: TLS handshake error from 172.18.0.1:45524: remote error: tls: unknown certificate",
time="2019-10-01T14:49:02+03:00" level=debug msg="Serving default certificate for request: \"bazarr.DOMAIN.com\"",
time="2019-10-01T14:49:02+03:00" level=debug msg="http: TLS handshake error from 172.18.0.1:45554: remote error: tls: unknown certificate",
time="2019-10-01T14:49:03+03:00" level=debug msg="Serving default certificate for request: \"bazarr.DOMAIN.com\"",
time="2019-10-01T14:49:03+03:00" level=debug msg="http: TLS handshake error from 172.18.0.1:45570: remote error: tls: unknown certificate",

Later Edit: Tried to fine tune the certificate part and try to put everything in a more orderly fashion and now bazarr dropped from the services list and I lost the middleware :smiley:

Current compose status
  bazarr:
    image: 'linuxserver/bazarr:latest'
    container_name: bazarr
    hostname: bazarr
    volumes:
      - '.\bazarr\config:/config'
    ports:
      - '6767:6767'
    environment:
      - TZ=Europe/Bucharest
      - com.ouroboros.enable=true
    restart: unless-stopped
    env_file:
      - .env
    labels:
#      - 'traefik.frontend.rule=Host:bazarr.DOMAIN.com'
#      - traefik.frontend.passHostHeader=true
#      - traefik.enable=true
      - traefik.port=6767
#      - traefik.backend=bazarr
      - "traefik.enable=true"
      - "traefik.http.routers.bazarr_http.rule=Host(`bazarr.DOMAIN.com`)"
      - "traefik.http.routers.bazarr_http.entrypoints=http"
      - "traefik.http.routers.bazarr_http.middlewares=redirect-https-bazarr"
      - "traefik.http.middlewares.redirect-https-bazarr.redirectscheme.scheme=https"
      - "traefik.http.routers.bazarr_https.rule=Host(`bazarr.DOMAIN.com`)"
      - "traefik.http.routers.bazarr_https.entrypoints=https"
      - "traefik.http.routers.bazarr_https.tls=true"
      - "traefik.http.routers.bazarr_tls.certresolver=mydnschallenge"    
      - "traefik.http.services.bazarr.loadbalancer.server.port=6767"  
  traefik_2.0.1:
    image: traefik
    container_name: traefik_2.0
    hostname: traefik_2.0
    ports:
      - '443:443'
      - '80:80'
      - '8080:8080'
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock'
      - '.\traefik_2.0.1\traefik.yml:/etc/traefik/traefik.yml'
    env_file:
      - .env
    restart: unless-stopped
    domainname: '${ZONE}'
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik_https.rule=Host(`traefik.localhost`)"
      - "traefik.http.routers.http_traefik.rule=Host(`traefik.localhost`)"      
      - "traefik.http.routers.http_traefik.entrypoints=http"      
      - "traefik.http.routers.traefik_https.entrypoints=https"
      - "traefik.http.routers.traefik_https.tls=true"
      - "traefik.http.routers.traefik_tls.certresolver=mydnschallenge"
      - "traefik.http.routers.traefik_https.service=api@internal"
      - "traefik.http.routers.http_traefik.middlewares=https_redirect"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"
    environment:
      - 'CF_API_EMAIL=${EMAIL}'
      - 'CF_API_KEY=${API_KEY}'
      - com.ouroboros.enable=true
      - TZ=Europe/Bucharest
    command:
      - '--acme.storage=/acme.json'
      - '--log.level=DEBUG'
      - '--log.filePath=/traefik.log'
      - '--log.format=json'
      - '--global.checkNewVersion=true'
      - '--global.sendAnonymousUsage=false'
      - '--entryPoints.http.address=:80'
      - '--entryPoints.https.address=:443'
      - '--api'
      - '--ping'
      - '--certificatesResolvers.mydnschallenge.acme.email="${EMAIL}"'
      - '--certificatesresolvers.mydnschallenge.acme.storage="acme.json"'
      - '--certificatesResolvers.mydnschallenge.acme.dnsChallenge.provider="cloudflare"'
      - '--certificatesResolvers.mydnschallenge.acme.dnsChallenge.entryPoint=web'
      - '--providers.docker.exposedByDefault=false'
      - '--providers.docker.watch=true'
      - '--providers.docker.swarmMode=false'

How do you know the source IP to indicate that it is within the LAN? AFAIK, Docker Desktop's implementation (not docker-machine with VirtualBox) uses an Internal Switch which changes the IP address as such everything looks like it is internal.

I mean that I don't need to have it accessible from outside the house. Http://localhost:8080 is enough for my humble personal needs.

Ok then that's the same as my swarm setup I just used port 44444 and 55555 (since I have public traefik and internal traefik)

This is the bit of code you're looking for for the local access. Note the mode: host is not needed, it was my attempt to get the source IP working before I realized how Docker for Windows is architected in a way that it makes it not possible.

Thanks but I just wanted to make clear the fact that I don't need to secure the traefik dashboard and I also don't need middlewares for basic http authentication. This part always worked without problems, even in the complicated 2.0.
My current problems would be

  1. HTTP to HTTPS redirect
  2. Certificates and their renewal (wildcard, cloudflare, DNS challenge).
  3. And someone to double check my current config.

According to whatever other examples I've found everythins is setup ok, but for some reasons my certificates are not being generated and I receive a resolver doesn't exist error.

latest log
time="2019-10-02T14:44:19+03:00" level=info msg="Shutting down",
time="2019-10-02T14:44:23+03:00" level=info msg="Configuration loaded from file: /etc/traefik/traefik.yml",
time="2019-10-02T14:44:23+03:00" level=info msg="Traefik version 2.0.1 built on 2019-09-26T16:18:03Z",
time="2019-10-02T14:44:23+03:00" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"insecureSkipVerify\":true,\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"http\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"https\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}}},\"providers\":{\"providersThrottleDuration\":2000000000,\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000},\"file\":{\"watch\":true,\"filename\":\"/etc/traefik/rules.toml\"}},\"api\":{\"insecure\":true,\"dashboard\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"},\"certificatesResolvers\":{\"default\":{\"acme\":{\"email\":\"EMAIL@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/acme.json\",\"keyType\":\"RSA4096\",\"dnsChallenge\":{\"provider\":\"cloudflare\",\"delayBeforeCheck\":120000000000,\"resolvers\":[\"1.1.1.1:53\"]}}}}}",
time="2019-10-02T14:44:23+03:00" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/v2.0/contributing/data-collection/\n",
time="2019-10-02T14:44:23+03:00" level=debug msg="No default certificate, generating one",
time="2019-10-02T14:44:23+03:00" level=debug msg="Start TCP Server" entryPointName=http,
time="2019-10-02T14:44:23+03:00" level=info msg="Starting provider aggregator.ProviderAggregator {}",
time="2019-10-02T14:44:23+03:00" level=debug msg="Start TCP Server" entryPointName=https,
time="2019-10-02T14:44:23+03:00" level=debug msg="Start TCP Server" entryPointName=traefik,
time="2019-10-02T14:44:23+03:00" level=info msg="Starting provider *file.Provider {\"watch\":true,\"filename\":\"/etc/traefik/rules.toml\"}",
time="2019-10-02T14:44:23+03:00" level=error msg="Cannot start the provider *file.Provider: error reading configuration file: /etc/traefik/rules.toml - open /etc/traefik/rules.toml: no such file or directory",
time="2019-10-02T14:44:23+03:00" level=info msg="Starting provider *acme.Provider {\"email\":\"EMAIL@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/acme.json\",\"keyType\":\"RSA4096\",\"dnsChallenge\":{\"provider\":\"cloudflare\",\"delayBeforeCheck\":120000000000,\"resolvers\":[\"1.1.1.1:53\"]},\"ResolverName\":\"default\",\"store\":{},\"ChallengeStore\":{}}",
time="2019-10-02T14:44:23+03:00" level=info msg="Testing certificate renew..." providerName=default.acme,
time="2019-10-02T14:44:23+03:00" level=info msg="Starting provider *docker.Provider {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000}",
time="2019-10-02T14:44:23+03:00" level=debug msg="Configuration received from provider default.acme: {\"http\":{},\"tls\":{}}" providerName=default.acme,
time="2019-10-02T14:44:23+03:00" level=debug msg="No default certificate, generating one",
time="2019-10-02T14:44:23+03:00" level=debug msg="Provider connection established with docker 19.03.2 (API 1.40)" providerName=docker,
time="2019-10-02T14:44:23+03:00" level=error msg="field not found, node: certresolver" container=traefik-2-0-1-media-server-6c75813444e9ac2aeabbba3cb3be019b9a3410584a0d0218020bf6312d07bff8 providerName=docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" container=kibana-media-server-c1316fbc05f3a7eb527d270d1f1a037f84d0b8fff256f0abd5d5392bd8668291 providerName=docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=filebeat-media-server-f80e988ab2b068b18cdc6fb193817361377435241652be1cf18f20b37346bae5,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=elasticsearch-media-server-48620b88fa282f6d4471f3ae2a36155d0e3c12d78dda63e59b49a1218e6111a8,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=ouroboros-media-server-2c373d7a804d3b62c02c16fe99dda574996cbe0f7bb0c004a245b8a1c41166df,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=chronograf-media-server-42f5ff510c4cae99e65defc4f42a9ce0c04466cda021117f9879cf3376f6504e,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=influxdb-telegraf-media-server-5ea37b993a0dfa03a961971d7ca28b8cd9cc745642de30e541963e2b03259c93,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=portainer-media-server-c5d350f8f78bd181729c91f52e3a9cbcfca18b4072c807a321307a5aca415a60,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=logarr-media-server-c7cf89bea2d8bc5b4ffbfc25ab4513b9e5ffb714ecb18f46b793a7bdf93fd7f5,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=cloudflare-ddns-media-server-c885127c8daf936bcec87b253a9aa404500bf662ff7c50f7e6fc63f898ae55c4,
time="2019-10-02T14:44:23+03:00" level=debug msg="Filtering disabled container" providerName=docker container=piholeinflux-media-server-462d6822c39e3da20a725b24ad3c60ed7a2a61d37a996f9bf33431aeceada7b9,a,
19-10-02T14:44:23+03:00" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"bazarr\":{\"entryPoints\":[\"https\"],\"service\":\"bazarr\",\"rule\":\"Host(`bazarr-media-server`)\",\"tls\":{\"domains\":[{\"main\":\"DOMAIN.com\",\"sans\":[\"*.DOMAIN.com\"]}]}},\"bazarr_http\":{\"service\":\"bazarr\",\"rule\":\"Host(`bazarr.DOMAIN.com`)\"},\"bazarr_https\":{\"service\":\"bazarr\",\"rule\":\"Host(`bazarr-media-server`)\",\"tls\":{\"certResolver\":\"basic\"}},\"grafana-media-server\":{\"service\":\"grafana-media-server\",\"rule\":\"Host(`grafana-media-server`)\"},\"heimdall-media-server\":{\"service\":\"heimdall-media-server\",\"rule\":\"Host(`heimdall-media-server`)\"},\"ombi-media-server\":{\"service\":\"ombi-media-server\",\"rule\":\"Host(`ombi-media-server`)\"},\"organizr-media-server\":{\"service\":\"organizr-media-server\",\"rule\":\"Host(`organizr-media-server`)\"},\"tautulli-media-server\":{\"service\":\"tautulli-media-server\",\"rule\":\"Host(`tautulli-media-server`)\"}},\"services\":{\"bazarr\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.15:6767\"}],\"passHostHeader\":true}},\"grafana-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.14:3000\"}],\"passHostHeader\":true}},\"heimdall-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.16:80\"}],\"passHostHeader\":true}},\"ombi-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.10:3579\"}],\"passHostHeader\":true}},\"organizr-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.12:80\"}],\"passHostHeader\":true}},\"tautulli-media-server\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.11:8181\"}],\"passHostHeader\":true}}}},\"tcp\":{}}" providerName=docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=grafana-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=heimdall-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=ombi-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=organizr-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=tautulli-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=bazarr_http@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" middlewareName=pipelining middlewareType=Pipelining serviceName=tautulli-media-server entryPointName=https routerName=tautulli-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" serviceName=tautulli-media-server entryPointName=https routerName=tautulli-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.11:8181" entryPointName=https routerName=tautulli-media-server@docker serviceName=tautulli-media-server serverName=0,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware tautulli-media-server" middlewareType=TracingForwarder routerName=tautulli-media-server@docker entryPointName=https middlewareName=tracing,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" entryPointName=https routerName=bazarr_http@docker serviceName=bazarr middlewareName=pipelining middlewareType=Pipelining,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" routerName=bazarr_http@docker serviceName=bazarr entryPointName=https,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.15:6767" entryPointName=https routerName=bazarr_http@docker serviceName=bazarr serverName=0,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware bazarr" routerName=bazarr_http@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=https,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" serviceName=grafana-media-server entryPointName=https routerName=grafana-media-server@docker middlewareName=pipelining middlewareType=Pipelining,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" entryPointName=https routerName=grafana-media-server@docker serviceName=grafana-media-server,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.14:3000" serverName=0 entryPointName=https routerName=grafana-media-server@docker serviceName=grafana-media-server,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware grafana-media-server" middlewareType=TracingForwarder middlewareName=tracing entryPointName=https routerName=grafana-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" entryPointName=https routerName=heimdall-media-server@docker serviceName=heimdall-media-server middlewareName=pipelining middlewareType=Pipelining,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" entryPointName=https routerName=heimdall-media-server@docker serviceName=heimdall-media-server,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.16:80" serverName=0 serviceName=heimdall-media-server entryPointName=https routerName=heimdall-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware heimdall-media-server" entryPointName=https routerName=heimdall-media-server@docker middlewareName=tracing middlewareType=TracingForwarder,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" middlewareName=pipelining middlewareType=Pipelining entryPointName=https routerName=ombi-media-server@docker serviceName=ombi-media-server,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" serviceName=ombi-media-server entryPointName=https routerName=ombi-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.10:3579" entryPointName=https routerName=ombi-media-server@docker serviceName=ombi-media-server serverName=0,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware ombi-media-server" entryPointName=https routerName=ombi-media-server@docker middlewareType=TracingForwarder middlewareName=tracing,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" routerName=organizr-media-server@docker serviceName=organizr-media-server middlewareName=pipelining middlewareType=Pipelining entryPointName=https,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" routerName=organizr-media-server@docker serviceName=organizr-media-server entryPointName=https,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.12:80" serverName=0 entryPointName=https routerName=organizr-media-server@docker serviceName=organizr-media-server,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware organizr-media-server" middlewareType=TracingForwarder middlewareName=tracing entryPointName=https routerName=organizr-media-server@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=traefik middlewareName=traefik-internal-recovery,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=bazarr_https@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" serviceName=bazarr middlewareName=pipelining middlewareType=Pipelining entryPointName=http routerName=bazarr_https@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=bazarr_https@docker serviceName=bazarr,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.15:6767" routerName=bazarr_https@docker serviceName=bazarr entryPointName=http serverName=0,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware bazarr" entryPointName=http routerName=bazarr_https@docker middlewareType=TracingForwarder middlewareName=tracing,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=http,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" middlewareName=pipelining middlewareType=Pipelining routerName=bazarr@docker entryPointName=https serviceName=bazarr,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating load-balancer" serviceName=bazarr routerName=bazarr@docker entryPointName=https,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating server 0 http://172.18.0.15:6767" entryPointName=https serviceName=bazarr serverName=0 routerName=bazarr@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="Added outgoing tracing middleware bazarr" entryPointName=https routerName=bazarr@docker middlewareName=tracing middlewareType=TracingForwarder,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=https,
time="2019-10-02T14:44:23+03:00" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery,
time="2019-10-02T14:44:23+03:00" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [https traefik http]" routerName=bazarr_https@docker,
time="2019-10-02T14:44:23+03:00" level=debug msg="No default certificate, generating one",
time="2019-10-02T14:44:24+03:00" level=error msg="the router bazarr_https uses a non-existent resolver: basic",
My two containers setup:
  bazarr:
    image: 'linuxserver/bazarr:latest'
    container_name: bazarr
    hostname: bazarr
    volumes:
      - '.\bazarr\config:/config'
    ports:
      - '6767:6767'
    environment:
      - TZ=Europe/Bucharest
      - com.ouroboros.enable=true
    restart: unless-stopped
    env_file:
      - .env
    labels:
      - traefik.port=6767
      - "traefik.enable=true"
      - "traefik.http.routers.bazarr_http.rule=Host(`bazarr.DOMAIN.com`)"
      - "traefik.http.routers.bazarr_https.tls.certresolver=basic"      
      - "traefik.http.routers.bazarr.tls.domains[0].main=DOMAIN.com"
      - "traefik.http.routers.bazarr.tls.domains[0].sans=*.DOMAIN.com"      
      - "traefik.http.routers.bazarr.entrypoints=https"      
      - "traefik.http.services.bazarr.loadbalancer.server.port=6767"  
  traefik_2.0.1:
    image: 'traefik:2.0'
    container_name: traefik_2.0
    hostname: traefik_2.0
    ports:
      - '443:443'
      - '80:80'
      - '8080:8080'
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock'
      - '.\traefik_2.0.1\traefik.yml:/etc/traefik/traefik.yml'
    env_file:
      - .env
    restart: unless-stopped
    domainname: '${ZONE}'
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik_https.rule=Host(`traefik.localhost`)"
      - "traefik.http.routers.http_traefik.rule=Host(`traefik.localhost`)"      
      - "traefik.http.routers.http_traefik.entrypoints=http"      
      - "traefik.http.routers.traefik_https.entrypoints=https"
      - "traefik.http.routers.traefik_https.tls=true"
      - "traefik.http.routers.traefik_tls.certresolver=mydnschallenge"
      - "traefik.http.routers.traefik_https.service=api@internal"
      # global redirect to https
      - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.redirs.entrypoints=web"
      - "traefik.http.routers.redirs.middlewares=redirect-to-https"
    environment:
      - 'CF_API_EMAIL=${EMAIL}'
      - 'CF_API_KEY=${API_KEY}'
      - com.ouroboros.enable=true
      - TZ=Europe/Bucharest
    command:
      - '--acme.storage=/acme.json'
      - '--log.level=DEBUG'
      - '--log.filePath=/traefik.log'
      - '--log.format=json'
      - '--global.checkNewVersion=true'
      - '--global.sendAnonymousUsage=false'
      - '--entryPoints.web.address=:80'
      - '--entryPoints.websecure.address=:443'
      - '--api'
      - '--ping'
      - '--certificatesResolvers.basic.acme.email=EMAIL@gmail.com'
      - '--certificatesResolvers.basic.acme.storage=/acme.json'
      - '--certificatesResolvers.basic.acme.dnschallenge.provider=cloudflare'
      - '--certificatesResolvers.basic.acme.dnsChallenge.delayBeforeCheck=60'
      - '--certificatesResolvers.basic.acme.dnsChallenge.entryPoint=web'
      - '--certificatesResolvers.basic.acme.dnsChallenge.resolvers="1.1.1.1:53,8.8.8.8:53"'
      - '--providers.docker.exposedByDefault=false'
      - '--providers.docker.watch=true'
      - '--providers.docker.swarmMode=false'
traefik.yml content although I tried to comment out the mounted file inside compose I received some errors, hence is still present although all config is done in compose and not in the config file:
global:
  checkNewVersion: true
  sendAnonymousUsage: false
serversTransport:
  insecureSkipVerify: true
entryPoints:
  web:
    address: :80
  websecure:
    address: :443
providers:
  docker:
    watch: true
    endpoint: unix:///var/run/docker.sock
    exposedByDefault: false
    swarmModeRefreshSeconds: 15s
api:
  insecure: true
  dashboard: true
log:
  level: DEBUG
##certificatesResolvers:
##  letsencrypt:
##    acme:
##      email: EMAIL@gmail.com
##      storage: /acme.json
##      dnsChallenge:
##        provider: cloudflare
##        delayBeforeCheck: 1m0s
##        resolvers:
##        - 1.1.1.1:53

You reference resolver named basic but you do not define it in your configuration. This is the doco on the acme resolver (the only one to date I think) Let's Encrypt - Traefik In the examples they define resolver named sample

I thought that this was the resolver:

    command:
      - '--certificatesResolvers.basic.acme.email=EMAIL@gmail.com'
      - '--certificatesResolvers.basic.acme.storage=/acme.json'
      - '--certificatesResolvers.basic.acme.dnschallenge.provider=cloudflare'
      - '--certificatesResolvers.basic.acme.dnsChallenge.delayBeforeCheck=60'
      - '--certificatesResolvers.basic.acme.dnsChallenge.entryPoint=web'
      - '--certificatesResolvers.basic.acme.dnsChallenge.resolvers="1.1.1.1:53,8.8.8.8:53"'

Different sources of static configuration (file, CLI flags, ...) cannot be mixed

As I said, I tried to get rid of the file today as I started adding labels and commands into the compose file but something didn't worked as expected and the container started spitting out some weird errors that I ca't exactly remember now.
As far as I can tell, the entire config file is transported as commands and labels into the compose file right now. So if you can explain to me how can I make traefik forget about the config file and work entirely out of the compose file I'll be more than happy to try again.

Thanks a lot.

Just remove all references to traefik.toml from all your configuration. Report back any errors.

Here we go again.

Current compose file:

  traefik_2.0.1:
    image: 'traefik:2.0'
    container_name: traefik_2.0
    hostname: traefik_2.0
    ports:
      - '443:443'
      - '80:80'
      - '8080:8080'
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock'
#      - '.\traefik_2.0.1\traefik.yml:/etc/traefik/traefik.yml'
    env_file:
      - .env
    restart: unless-stopped
    domainname: '${ZONE}'
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik_https.rule=Host(`traefik.localhost`)"
      - "traefik.http.routers.http_traefik.rule=Host(`traefik.localhost`)"      
      - "traefik.http.routers.http_traefik.entrypoints=http"      
      - "traefik.http.routers.traefik_https.entrypoints=https"
      - "traefik.http.routers.traefik_https.tls=true"
      - "traefik.http.routers.traefik_tls.certresolver=basic"
      - "traefik.http.routers.traefik_https.service=api@internal"
      - "traefik.http.routers.traefik.tls.domains[0].main=DOMAIN.com"
      - "traefik.http.routers.traefik.tls.domains[0].sans=*.DOMAIN.com"         
      # global redirect to https
      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      # middleware redirect
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      
    environment:
      - 'CF_API_EMAIL=${EMAIL}'
      - 'CF_API_KEY=${API_KEY}'
      - com.ouroboros.enable=true
      - TZ=Europe/Bucharest
    command:
      - '--acme.storage=/acme.json'
      - '--log.level=DEBUG'
      - '--log.filePath=/traefik.log'
      - '--log.format=json'
      - '--global.checkNewVersion=true'
      - '--global.sendAnonymousUsage=false'
      - '--entryPoints.web.address=:80'
      - '--entryPoints.websecure.address=:443'
      - '--api'
      - '--api.debug'
      - '--api.insecure'
      - '--api.dashboard'
      - '--ping'
      - '--certificatesresolvers.basic.acme.email=EMAIL@gmail.com'
      - '--certificatesresolvers.basic.acme.storage=/acme.json'
      - '--certificatesresolvers.basic.acme.dnschallenge.provider=cloudflare'
#      - '--certificatesresolvers.basic.acme.dnschallenge=true'
      - '--certificatesresolvers.basic.acme.dnsChallenge.delayBeforeCheck=60'
      - '--certificatesresolvers.basic.acme.dnsChallenge.entryPoint=web'
      - '--certificatesresolvers.basic.acme.dnsChallenge.resolvers="1.1.1.1:53,8.8.8.8:53"'
      - '--providers.docker.exposedByDefault=false'
      - '--providers.docker.watch=true'
      - '--providers.docker.swarmMode=false'

So I commented out the yml reference as you can see, now the container is in a boot loop with the below log:

2019/10/02 23:08:36 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:08:39 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:08:41 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:08:43 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:08:46 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:08:48 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:08:53 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:09:00 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:09:14 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:09:41 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:10:33 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:11:34 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:12:36 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:13:37 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:14:39 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:15:40 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:16:41 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:17:43 command traefik error: failed to decode configuration from flags: field not found, node: acme,
2019/10/02 23:18:44 command traefik error: failed to decode configuration from flags: field not found, node: acme,

There is no --acme.storage flag in v2.

https://docs.traefik.io/reference/static-configuration/cli/

Commented that out, reboot and the log has an entrypoint problem now:

2019/10/02 23:31:00 command traefik error: failed to decode configuration from flags: field not found, node: entryPoint

Later Edit: I've read somewhere that this means that I have to remove the entrypoint used for dns challenge. Latest compose version:

  bazarr:
    image: 'linuxserver/bazarr:latest'
    container_name: bazarr
    hostname: bazarr
    volumes:
      - '.\bazarr\config:/config'
    ports:
      - '6767:6767'
    environment:
      - TZ=Europe/Bucharest
      - com.ouroboros.enable=true
    restart: unless-stopped
    env_file:
      - .env
    labels:
#      - traefik.frontend.passHostHeader=true
#      - traefik.port=6767
      - "traefik.enable=true"
      - "traefik.http.routers.bazarr_http.rule=Host(`bazarr.DOMAIN.com`)"
      - "traefik.http.routers.bazarr.tls=true"
      - "traefik.http.routers.bazarr.tls.certresolver=basic"
#      - "traefik.http.routers.bazarr.tls.domains[0].main=DOMAIN.com"
#      - "traefik.http.routers.bazarr.tls.domains[0].sans=*.DOMAIN.com"      
#      - "traefik.http.routers.bazarr.entrypoints=https"      
      - "traefik.http.services.bazarr.loadbalancer.server.port=6767"  
  traefik_2.0.1:
    image: 'traefik:2.0'
    container_name: traefik_2.0
    hostname: traefik_2.0
    ports:
      - '443:443'
      - '80:80'
      - '8080:8080'
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock'
#      - '.\traefik_2.0.1\traefik.yml:/etc/traefik/traefik.yml'
    env_file:
      - .env
    restart: unless-stopped
    domainname: '${ZONE}'
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik_https.rule=Host(`traefik.localhost`)"
      - "traefik.http.routers.http_traefik.rule=Host(`traefik.localhost`)"      
      - "traefik.http.routers.http_traefik.entrypoints=http"      
      - "traefik.http.routers.traefik_https.entrypoints=https"
      - "traefik.http.routers.traefik_https.tls=true"
      - "traefik.http.routers.traefik_tls.certresolver=basic"
      - "traefik.http.routers.traefik_https.service=api@internal"
      - "traefik.http.routers.traefik.tls.domains[0].main=DOMAIN.com"
      - "traefik.http.routers.traefik.tls.domains[0].sans=*.DOMAIN.com"         
      # global redirect to https
      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      # middleware redirect
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      
    environment:
      - 'CF_API_EMAIL=${EMAIL}'
      - 'CF_API_KEY=${API_KEY}'
      - com.ouroboros.enable=true
      - TZ=Europe/Bucharest
    command:
#      - '--acme.storage=/acme.json'
      - '--log.level=DEBUG'
      - '--log.filePath=/traefik.log'
      - '--log.format=json'
      - '--global.checkNewVersion=true'
      - '--global.sendAnonymousUsage=false'
      - '--entryPoints.web.address=:80'
      - '--entryPoints.web-secure.address=:443'
      - '--api'
      - '--api.debug'
      - '--api.insecure'
      - '--api.dashboard'
      - '--ping'
      - '--certificatesresolvers.basic.acme.email=EMAIL@gmail.com'
      - '--certificatesresolvers.basic.acme.storage=/acme.json'
      - '--certificatesresolvers.basic.acme.dnschallenge.provider=cloudflare'
#      - '--certificatesresolvers.basic.acme.dnschallenge=true'
      - '--certificatesresolvers.basic.acme.dnsChallenge.delayBeforeCheck=60'
#      - '--certificatesresolvers.basic.acme.dnsChallenge.entryPoint=web'
      - '--certificatesresolvers.basic.acme.dnsChallenge.resolvers="1.1.1.1:53,8.8.8.8:53"'
      - '--providers.docker.exposedByDefault=false'
      - '--providers.docker.watch=true'
      - '--providers.docker.swarmMode=false'

Below is the only log line passed since traefik container was restarted last time.

time="2019-10-03T00:13:57+03:00" level=info msg="Configuration loaded from flags."

Problems still standing, certificates and HTTPS redirect.

Maybe best you put the files for your swarm in a github project so people can compare. Minus any passwords.

Each time you have slightly different issues, you fix one, next crops up, so sorry, but I cannot really tell what certificates and HTTPS redirect problem is.

Can you explain a bit more? Thanks.

No swarm here and now I just have the compose file wich is being modified whenever I have the time to test.

Well, what puzzled me was the fact that the last time the log had only one line. Not an error message which is good but one line can't help you identify what worked and what not.

At that moment bazarr.domain.com was accessible through http. I restarted the container and then it stopped being reachable through internet.

I'll start digging again today and see what's going on..