hello,
i have the docker-compose.yml that is below and i can connect to http://localhost:8888 , but it does not ask me for any credentials
moreover, when i try to connect to https, i get a 404 error page
any advice would be very appreciated, thank you in advance
version: '3.3'
networks:
red_traefik:
external: true
services:
traefik:
image: traefik:v2.9.10
container_name: "traefik"
restart: always
command:
- "--log.level=DEBUG"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--entrypoints.web_80.address=:80"
- "--entrypoints.web_443.address=:443"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--certificatesresolvers.midesafiotls.acme.httpchallenge=true"
- "--certificatesresolvers.midesafiotls.acme.httpchallenge.entrypoint=web_80"
- "--certificatesresolvers.midesafiotls.acme.email=fulano@ejemplo.com"
- "--certificatesresolvers.midesafiotls.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8888:8080"
labels:
- "traefik.enable=true"
# HTTPS Redirect
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web_80"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# Dashboard
- "traefik.http.routers.traefik-router.entrypoints=web_443"
- "traefik.http.routers.traefik-router.rule=Host(`servidor.ejemplo.com`)"
- "traefik.http.routers.traefik-router.tls=true"
- "traefik.http.routers.traefik-router.tls.certresolver=midesafiotls"
- "traefik.http.routers.traefik-router.service=api@internal"
# autenticacion
- "traefik.http.routers.traefik-router.middlewares=dashboardauth"
- "traefik.http.middlewares.dashboardauth.basicauth.users=gestor:$$apr1$$cLtMckxk$$ZDXcGECjJ6tl.q17BnIrF."
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./datos_letsencrypt:/letsencrypt
networks:
- red_traefik
Remove this line:
ginesdelpan:
- "--api.insecure=true"
Insecure Mode
You can also compare to this simple Traefik example .
tank you for the reply
when i remove the insecure directive, i get the errors:
$ wget http://127.0.0.1:8888/
--2023-04-21 13:34:27-- http://127.0.0.1:8888/
Connecting to 127.0.0.1:8888... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--2023-04-21 13:34:28-- (try: 2) http://127.0.0.1:8888/
Connecting to 127.0.0.1:8888... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
^C
$ wget https://127.0.0.1:8888/
--2023-04-21 13:34:33-- https://127.0.0.1:8888/
Connecting to 127.0.0.1:8888... connected.
OpenSSL: error:0A000126:SSL routines::unexpected eof while reading
Unable to establish SSL connection.
$ wget https://127.0.0.1:8888/
--2023-04-21 13:34:49-- https://127.0.0.1:8888/
Connecting to 127.0.0.1:8888... connected.
Unable to establish SSL connection.
also, i have been checking the docker-compose.yml you said and i rewrite my docker-compose.yml with a new router
# Dashboard
- "traefik.http.routers.cuadro_de_mando.rule=Host(`servidor.ejemplo.com`)"
- "traefik.http.routers.cuadro_de_mando.service=api@internal"
- "traefik.http.routers.cuadro_de_mando.middlewares=dashboard_auth"
- "traefik.http.middlewares.dashboard_auth.basicauth.users=gestor:$$apr1$$cLtMckxk$$ZDXcGECjJ6tl.q17BnIrF."
but i get the same errors
Your Traefik Dashboard is now listening on the main entrypoints, not on port 8888. (You haven't declared that as entrypoint.)
Also you can't access it via IP, because Traefik will only forward when the domain from rule=Host() is used. Well, you can use IP, but you need to supply the domain as HTTP header in the wget.
@bluepuma77 you were right: i missed the entrypoint for the port 8888
and another reason it didn't work was that i had i mistake 'exposing' the port because i had written:
- "8888:8080"
and it is
- "8888:8888"
so, my full docker-compose.yml is:
services:
traefik:
image: traefik:v2.9.10
container_name: "traefik"
restart: always
command:
- "--log.level=DEBUG"
- "--api.dashboard=true"
- "--entrypoints.web_80.address=:80"
- "--entrypoints.web_443.address=:443"
- "--entrypoints.web_cuadro_mando.address=:8888"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--certificatesresolvers.midesafiotls.acme.httpchallenge=true"
- "--certificatesresolvers.midesafiotls.acme.httpchallenge.entrypoint=web_80"
- "--certificatesresolvers.midesafiotls.acme.email=fulano@ejemplo.com"
- "--certificatesresolvers.midesafiotls.acme.storage=/letsencrypt/acme.json"
ports: - "80:80"
- "80:80"
- "443:443"
- "8888:8888" # para el dashboard
labels:
- "traefik.enable=true"
# HTTPS Redirect
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web_80"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# Dashboard: accesible en: https://servidor.ejemplo.com:8888/dashboard/
- "traefik.http.routers.cuadro_de_mando.entrypoints=web_cuadro_mando"
- "traefik.http.routers.cuadro_de_mando.rule=Host(`servidor.ejemplo.com`)"
- "traefik.http.routers.cuadro_de_mando.tls=true"
- "traefik.http.routers.cuadro_de_mando.tls.certresolver=midesafiotls"
- "traefik.http.routers.cuadro_de_mando.service=api@internal"
# autenticacion
- "traefik.http.routers.cuadro_de_mando.middlewares=dashboardauth"
- "traefik.http.middlewares.dashboardauth.basicauth.users=gestor:$$apr1$$cLtMckxK$$ZDXcGECjJ6tl.qi7BnIrF."
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./datos_letsencrypt:/letsencrypt
networks:
- red_traefik
thank you very much for your help