Traefik and Docspell

Traefik Traefik v2
1

Hello Guys,

I started using Traefik a few days ago and so far everything worked like a charm!
I am not too experienced with Traefik and Docker though and i stumbled into a task that i cannot resolve myself (getting the app docspell to work with traefik).

This is my Docker-compose file of Docspell:


version: '3.8'
services:

  # The restserver and joex containers defined here are configured
  # using env variables. Both must connect to the same database and
  # solr instance. More information on configuring can be found here:
  # https://docspell.org/docs/configure
  #
  # Please replace the values of the following with a custom secret
  # string:
  #
  # - DOCSPELL_SERVER_ADMIN__ENDPOINT_SECRET
  # - DOCSPELL_SERVER_AUTH_SERVER__SECRET
  # - DOCSPELL_SERVER_INTEGRATION__ENDPOINT_HTTP__HEADER_HEADER__VALUE
  #   (use the same value at the consumedir container!)
  #
  # After creating an account, you may want to set signup mode to
  # "closed" or to "invite". When using invite, you must also set
  # DOCSPELL_SERVER_BACKEND_SIGNUP_NEW__INVITE__PASSWORD to some
  # secret.
  restserver:
    image: docspell/restserver:latest
    container_name: docspell-restserver
    restart: unless-stopped
#    ports:
#      - "7880:7880"
    environment:
      - TZ=Europe/Berlin
      - DOCSPELL_SERVER_INTERNAL__URL=http://docspell-restserver:7880
      - DOCSPELL_SERVER_ADMIN__ENDPOINT_SECRET=admin123
      - DOCSPELL_SERVER_AUTH_SERVER__SECRET=
      - DOCSPELL_SERVER_BACKEND_JDBC_PASSWORD=dbpass
      - DOCSPELL_SERVER_BACKEND_JDBC_URL=jdbc:postgresql://db:5432/dbname
      - DOCSPELL_SERVER_BACKEND_JDBC_USER=dbuser
      - DOCSPELL_SERVER_BIND_ADDRESS=0.0.0.0
      - DOCSPELL_SERVER_FULL__TEXT__SEARCH_ENABLED=true
      - DOCSPELL_SERVER_FULL__TEXT__SEARCH_SOLR_URL=http://docspell-solr:8983
/solr/docspell
      - DOCSPELL_SERVER_INTEGRATION__ENDPOINT_ENABLED=true
      - DOCSPELL_SERVER_INTEGRATION__ENDPOINT_HTTP__HEADER_ENABLED=true
      - DOCSPELL_SERVER_INTEGRATION__ENDPOINT_HTTP__HEADER_HEADER__VALUE=integration-password123
      - DOCSPELL_SERVER_BACKEND_SIGNUP_MODE=open
      - DOCSPELL_SERVER_BACKEND_SIGNUP_NEW__INVITE__PASSWORD=
      - DOCSPELL_SERVER_BACKEND_ADDONS_ENABLED=false
    labels:
      - traefik.enable=true
      - traefik.http.routers.docspell.rule=Host(`docspell.replacedforprivacy.com`)
      - traefik.http.routers.docspell.entrypoints=websecure
      - traefik.http.routers.docspell.tls=true
      - traefik.http.routers.docspell.tls.certresolver=lets-encrypt
      - traefik.http.services.docspell.loadbalancer.server.scheme=https
      - traefik.http.services.docspell.loadbalancer.server.port=7880
    depends_on:
      - solr
      - db

  joex:
    image: docspell/joex:latest
    container_name: docspell-joex
    ## For more memory add corresponding arguments, like below. Also see
    ## https://docspell.org/docs/configure/#jvm-options
    # command:
    #   - -J-Xmx3G
    restart: unless-stopped
    environment:
      - TZ=Europe/Berlin
      - DOCSPELL_JOEX_APP__ID=joex1
      - DOCSPELL_JOEX_PERIODIC__SCHEDULER_NAME=joex1
      - DOCSPELL_JOEX_SCHEDULER_NAME=joex1
      - DOCSPELL_JOEX_BASE__URL=http://docspell-joex:7878
      - DOCSPELL_JOEX_BIND_ADDRESS=0.0.0.0
      - DOCSPELL_JOEX_FULL__TEXT__SEARCH_ENABLED=true
      - DOCSPELL_JOEX_FULL__TEXT__SEARCH_SOLR_URL=http://docspell-solr:8983/solr/docspell
      - DOCSPELL_JOEX_JDBC_PASSWORD=dbpass
      - DOCSPELL_JOEX_JDBC_URL=jdbc:postgresql://db:5432/dbname
      - DOCSPELL_JOEX_JDBC_USER=dbuser
      - DOCSPELL_JOEX_ADDONS_EXECUTOR__CONFIG_RUNNER=docker,trivial
    ports:
      - "7878:7878"
    depends_on:
      - solr
      - db
    ## Uncomment when using the "docker" runner with addons
    # volumes:
    #   - /var/run/docker.sock:/var/run/docker.sock
    #   - /tmp:/tmp

  # The consumedir container watches a directory for files to upload
  # to docspell restserver. This uses the `dsc` tool. For information
  # on the available options, see `dsc --help`.
  # https://github.com/docspell/dsc
  #
  # The value after `Docspell-Integration` must match the secret
  # specified at the restserver via
  # DOCSPELL_SERVER_INTEGRATION__ENDPOINT_HTTP__HEADER_HEADER__VALUE.
  #
  # The --not-matches "**/.*" option is to exclude hidden files.
  consumedir:
    image: docspell/dsc:latest
    container_name: docspell-consumedir
    command:
      - dsc
      - "-d"
      - "http://docspell-restserver:7880"
      - "watch"
      - "--delete"
      - "-ir"
      - "--not-matches"
      - "**/.*"
      - "--header"
      - "Docspell-Integration:integration-password123"
      - "/opt/docs"
    restart: unless-stopped
    volumes:
      - ./docs:/opt/docs
    depends_on:
      - restserver

  db:
    image: postgres:14.4
    container_name: postgres_db
    restart: unless-stopped
    volumes:
      - docspell-postgres_data:/var/lib/postgresql/data/
    environment:
      - POSTGRES_USER=dbuser
      - POSTGRES_PASSWORD=dbpass
      - POSTGRES_DB=dbname

  solr:
    image: solr:9
    container_name: docspell-solr
    restart: unless-stopped
    volumes:
      - docspell-solr_data:/var/solr
    command:
      - solr-precreate
      - docspell
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8983/solr/docspell/admin/ping"]
      interval: 1m
      timeout: 10s
      retries: 2
      start_period: 30s

volumes:
  docspell-postgres_data:
  docspell-solr_data:

This compose file does not work for me, i get an 404. I then checked the docspell docs which state the following (without further info). Link: Reverse Proxy - Docspell Documentation

http:

  routers:
    docspell:
      rule: "Host(`docspell.example.com`)"
      service: docspell
      entryPoints:
      - web-secure # or whatever you named it for SSL

  services:
    docspell:
      loadBalancer:
        servers:
          - url: http://192.168.1.11:7880 # the ip of the container, localhost if you use docker port mapping
        healthCheck:
          path: /api/info/version

And this is where I am lost. Is this information that goes into the Traefik configuration or traefik's docker-compose.yml?

This is how my traefik_dynamic.toml configuration looks currently:

[http.middlewares.simpleAuth.basicAuth]
  users = [
    "replacedforprivacy"
  ]

[http.routers.api]
  rule = "Host(`traefik.replacedforprivacy.com`)"
  entrypoints = ["websecure"]
  middlewares = ["simpleAuth"]
  service = "api@internal"
  [http.routers.api.tls]
    certResolver = "lets-encrypt"

[http.middlewares]

and traefik.toml

[entryPoints]
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http.redirections.entryPoint]
      to = "websecure"
      scheme = "https"

  [entryPoints.websecure]
    address = ":443"

[api]
  dashboard = true

[certificatesResolvers.lets-encrypt.acme]
  email = "admin@replacedforprivacy.com"
  storage = "acme.json"
  [certificatesResolvers.lets-encrypt.acme.tlsChallenge]

[providers.docker]
  watch = true
  network = "web"

[providers.file]
  filename = "traefik_dynamic.toml"

[serversTransport]
  insecureSkipVerify = true

And the docker-compose file:

version: '3.3'
services:
    traefik:
        volumes:
            - '/var/run/docker.sock:/var/run/docker.sock'
            - '$PWD/traefik.toml:/traefik.toml'
            - '$PWD/traefik_dynamic.toml:/traefik_dynamic.toml'
            - '$PWD/acme.json:/acme.json'
        ports:
            - '80:80'
            - '443:443'
        network_mode: web
        container_name: traefik
        image: 'traefik:v2.2'

I'd appreciate any help. Thank you! :slight_smile: