Traefik 2 + Docker Swarm: Ignoring my Labels

Traefik Traefik v2
,
1

Hello Guys, i've spent my last 6 hours to configure a global http to https redirection in traefik
It only works, if configured in service level
Searchig about, i found that it can be done using middlewares that can be added in the labels section
There is the problem: the traefik service is ignoring this section
I've tried infinite ways, and watching logs and it doesn't even give me an error if I write wrong things in there (like shows in service labels)

This is my compose file

version: '3'

services:
  traefik:
    image: traefik:v2.0.0
    command:
      - --api.insecure=true # set to 'false' on production
      - --api.dashboard=true # see https://docs.traefik.io/v2.0/operations/dashboard/#secure-mode for how to secure the dashboard
      - --api.debug=true # enable additional endpoints for debugging and profiling
      - --log.level=DEBUG # debug while we get it working, for more levels/info see https://docs.traefik.io/observability/logs/
      - --providers.docker.endpoint=unix:///var/run/docker.sock
      - --providers.docker.swarmMode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=traefik-public
      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443
      - --certificatesresolvers.letsencryptresolver.acme.httpchallenge=true
      - --certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web
      - --certificatesresolvers.letsencryptresolver.acme.email=user@domain
.tk
      - --certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      # To persist certificates
      - traefik-certificates:/letsencrypt
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      - traefik.enable=true
      # Dashboard
      - traefik.http.routers.traefik.rule=Host(`proxy.domain.tk`)
      - traefik.http.routers.traefik.service=api@internal
      - traefik.http.routers.traefik.tls.certresolver=letsencryptresolver
      - traefik.http.routers.traefik.entrypoints=websecure
      - traefik.http.routers.traefik.middlewares=authtraefik
      # user/passwor
      - traefik.http.middlewares.authtraefik.basicauth.users=user:$$apr1$$q8eZFHjF$$Fvmkk//V6Btlaf2i/ju5n/
      
      # global redirect to https
      - traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
      - traefik.http.routers.http-catchall.entrypoints=web
      - traefik.http.routers.http-catchall.middlewares=redirect-to-https

      # middleware redirect
      - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
    networks:
      - traefik-public
    deploy:
      placement:
        constraints:
          - node.role == manager

Someone knows how to fix that? Thanks :smiley:

2

I've finally found where to change to make my labels get noticed xD

Needs to change the labels inside deploy (i had already tried this)
But putting this inside

# Dummy service for Swarm port detection. The port can be any valid integer value.
- "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"

When my configs ends, i'll post the code here

-- edit

services:
  traefik:
    image: traefik:v2.0.0
    command:
      - --api.insecure=true # set to 'false' on production
      - --api.dashboard=true # see https://docs.traefik.io/v2.0/operations/dashboard/#secure-mode for how to secure the dashboard
      - --api.debug=true # enable additional endpoints for debugging and profiling
      - --log.level=DEBUG # debug while we get it working, for more levels/info see https://docs.traefik.io/observability/logs/
      - --providers.docker.endpoint=unix:///var/run/docker.sock
      - --providers.docker.swarmMode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=traefik-public
      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443
      - --certificatesresolvers.letsencryptresolver.acme.httpchallenge=true
      - --certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web
      - --certificatesresolvers.letsencryptresolver.acme.email=user@domain.com
      - --certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json
    ports:
      - 80:80
      - 443:443
    volumes:
      # To persist certificates
      - traefik-certificates:/letsencrypt
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - traefik-public
    deploy:
      labels:
        - traefik.enable=true
        # Dashboard
        - traefik.http.routers.traefik.rule=Host(`proxy.domain.com`)
        - traefik.http.routers.traefik.service=api@internal
        - traefik.http.routers.traefik.tls.certresolver=letsencryptresolver
        - traefik.http.routers.traefik.entrypoints=websecure
        - traefik.http.routers.traefik.middlewares=authtraefik
        # user/passwor
        - traefik.http.middlewares.authtraefik.basicauth.users=user:$$apr1$$q8eZFHjF$$Fvmkk//V6Btlaf2i/ju5n/
        
        # global redirect to https
        - traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
        - traefik.http.routers.http-catchall.entrypoints=web
        - traefik.http.routers.http-catchall.middlewares=redirect-to-https
  
        # middleware redirect
        - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
        - traefik.http.services.dummy-svc.loadbalancer.server.port=9999
      placement:
        constraints:
          - node.role == manager