Traefik External Link to TrueNAS

Traefik Traefik v3 (latest)
1

Hello,

I've got a docker set up which is working great and I've got two external services one being the main box that docker/dockge is hosted on, and the other being TrueNAS. I've set it up so I can use docker.domain.com with no problems... I copied the settings I used for that for TrueNAS to point to tn1.domain.com but nothing on that one.

The .yaml is below:

http:
 #region routers
  routers:
    dockge:
      entryPoints:
        - "https"
      rule: "Host(`docker.domain.com`)"
      middlewares:
        - default-headers
        - https-redirectscheme
      tls: {}
      service: dockge
    truenas:
      entryPoints:
        - "https"
      rule: "Host(`tn1.domain.com`)"
      middlewares:
        - default-headers
        - https-redirectscheme
      tls: {}
      service: truenas

#endregion
#region services
  services:
    dockge:
      loadBalancer:
        servers:
          - url: "http://192.168.123.98:5001"
        passHostHeader: true
    truenas:
      loadBalancer:
        servers:
          - url: "http://192.168.123.99:444"
        passHostHeader: true
#endregion
  middlewares:
    https-redirectscheme:
      redirectScheme:
        scheme: https
        permanent: true
    default-headers:
      headers:
        frameDeny: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15552000
        customFrameOptionsValue: SAMEORIGIN
        customRequestHeaders:
          X-Forwarded-Proto: https

    default-whitelist:
      ipAllowList:
        sourceRange:
        - "10.0.0.0/8"
        - "192.168.0.0/16"
        - "172.16.0.0/12"

    secured:
      chain:
        middlewares:
        - default-whitelist
        - default-headers

The router, and service both show up in the Traefik interface and show functioning but when I load tn1.domain.com connection refused but if I go to 192.168.123.99:444 I get a cert error but can by pass that and log in.

Hope this is enough info. And thanks for the help!

2

Connection refused could indicate that it’s not the right target IP for domain in DNS. So those requests probably never reach Traefik.

Enable and check Traefik debug log and access log.

Using internal port 444 with untrusted cert indicates two other issues: it’s https protocol, so you should use https in loadbalancer.servers.url.

Furthermore Truenas is using a proprietary protocol, so you need to set insecureskipverify - either globally in Traefik static config or declare a serversTransport with it and assign that to the service in dynamic config.

Not sure if Truenas also works with plain http, then you would just need to use the right port.

3

You were right it wasn't hitting Traefik... fixed the DNS entry and now it def is but I'm getting "bad gateway" when I try to load it. It also should be pulling a cert from Cloudflare but looks like it's not... I'm beginning to wonder if the config.yml I pulled offline left that part out...

4

Share your full Traefik static and dynamic config, and docker-compose.yml if used.