noob
April 2, 2023, 5:58pm
1
Hi,
Unfortunately I cannot get Traefik to work and I would need some help. I am trying to host Firefly (and later other services) over HTTPS.
Here is my traefik.yml
:
global:
checkNewVersion: true
sendAnonymousUsage: true
entryPoints:
web:
address: :80
websecure:
address: :443
log:
level: INFO
filePath: /home/msj/traefik/log/traefik.log
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
certificatesResolvers:
lets-encr:
acme:
email: mail@example.com
storage: acme.json
dnsChallenge:
provider: cloudflare
resolvers:
- "1.1.1.1:53"
- "8.8.8.8:53"
.env
:
MY_DOMAIN=example.com
DEFAULT_NETWORK=traefik_net
CF_API_EMAIL=xxx
CF_API_KEY=xxx
docker-compose.yml
:
version: '3'
services:
traefik:
image: traefik:v2.9
container_name: "traefik"
hostname: "traefik"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- "./traefik.yml:/traefik.yml:ro"
- "./acme.json:/acme.json"
firefly:
image: fireflyiii/core:latest
restart: always
hostname: firefly
volumes:
- firefly_iii_upload:/var/www/html/storage/upload
env_file: .env-firefly
ports:
- "6701:6701"
labels:
- "traefik.enable=true"
- "traefik.http.routers.firefly.entrypoints=websecure"
- "traefik.http.routers.firefly.rule=Host(`firefly.$MY_DOMAIN`)"
- "traefik.http.routers.firefly.tls.certresolver=lets-encr"
- "traefik.http.routers.firefly.tls.domains[0].main=firefly.$MY_DOMAIN"
depends_on:
- db
- traefik
db:
image: mariadb
hostname: fireflyiiidb
restart: always
volumes:
- firefly_iii_db:/var/lib/mysql
volumes:
firefly_iii_upload:
firefly_iii_db:
networks:
default:
name: $DEFAULT_NETWORK
external: true
When I try to access firefly.example.com
I get the 404 page not found
. Any help appreciated!
You should attach Traefik and Firefly to a Docker network.
You can remove the line, Traefik will automatically match by Host()
and use it for the cert.
For reference a simple Traefik example .
noob
April 3, 2023, 5:30pm
3
Thank you for the help.
With your guide I was able to get whoami
to work with HTTPS. However I could not get Firefly to work. The error changed from 404
to Bad gateway
.
Here is my updated docker-compose.yml
:
version: '3.9'
services:
traefik:
image: traefik:v3.0
ports:
- 80:80
- 443:443
networks:
- proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- letsencrypt:/letsencrypt
- /var/log:/var/log
command:
- --api.dashboard=false
- --log.level=INFO
- --log.filepath=/var/log/traefik.log
- --accesslog=true
- --accesslog.filepath=/var/log/traefik-access.log
- --providers.docker.network=proxy
- --providers.docker.exposedByDefault=false
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entryPoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.websecure.address=:443
- --entrypoints.websecure.asDefault=true
- --entrypoints.websecure.http.tls.certresolver=myresolver
- --certificatesresolvers.myresolver.acme.email=info@example.com
- --certificatesresolvers.myresolver.acme.tlschallenge=true
- --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
labels:
- traefik.enable=true
firefly:
image: fireflyiii/core:latest
restart: always
hostname: firefly
networks:
- proxy
volumes:
- firefly_iii_upload:/var/www/html/storage/upload
env_file: .env-firefly
labels:
- traefik.enable=true
- traefik.http.routers.firefly.rule=Host(`firefly.example.com`) || Host(`www.firefly.example.com`)
- traefik.http.services.firefly.loadbalancer.server.port=80
- traefik.http.middlewares.mywwwredirect.redirectregex.regex=^https://www\.(.*)
- traefik.http.middlewares.mywwwredirect.redirectregex.replacement=https://$${1}
- traefik.http.routers.firefly.middlewares=mywwwredirect
depends_on:
- db
- traefik
db:
image: mariadb
hostname: fireflyiiidb
networks:
- proxy
restart: always
environment:
- removed_envs
volumes:
- firefly_iii_db:/var/lib/mysql
networks:
proxy:
name: proxy
volumes:
firefly_iii_upload:
firefly_iii_db:
letsencrypt:
name: letsencrypt
I think you can remove all mywwwredirect
.
You set loadbalancer.server.port
to 80, is that the correct port for Firefly internally?
noob
April 3, 2023, 6:38pm
5
No it was not... Thank you so much! Managed to get it up and running. Now I just have to figure out how to get Firefly to use the old volumes. (I borked my nginx server an decided to go with Traefik)