Nassim
August 5, 2023, 8:50pm
1
Hi,
I have 2 container with multiples routers but i can't figure how to make them working.
Here is a sample of my docker-compose.yml file
version: "3.1"
volumes:
syncthing_data:
secrets:
db_password:
file: ./db_password.txt
db_root_password:
file: ./db_root_password.txt
networks:
vlan2:
external: true
services:
syncthing:
image: lscr.io/linuxserver/syncthing
container_name: syncthing
hostname: syncthing
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /srv/syncthing:/config
- syncthing_data:/srv/data
- /media/sdc:/mnt/sdc
restart: always
networks:
vlan2:
ipv4_address: 192.168.2.105
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.syncthing.rule=Host(`crm.mydomain`)'
- 'traefik.http.routers.syncthing.entrypoints=https, http'
- 'traefik.http.routers.syncthing.tls.certresolver=base'
- 'traefik.http.services.syncthing.loadbalancer.server.port=8384'
- 'traefik.http.routers.syncthing.service=syncthing@docker'
- 'traefik.http.routers.syncthing.tls=true'
- 'traefik.tcp.routers.syncthing_tcp.rule=HostSNI(`*`)'
- 'traefik.tcp.routers.syncthing_tcp.tls=false'
- 'traefik.tcp.routers.syncthing_tcp.entrypoints=syncthing_tcp'
- 'traefik.tcp.services.syncthing_tcp.loadbalancer.server.port=22000'
- 'traefik.tcp.routers.syncthing_tcp.service=syncthing@docker'
- 'traefik.udp.routers.syncthing_udp.rule=HostSNI(`*`)'
- 'traefik.udp.routers.syncthing_udp.tls=false'
- 'traefik.udp.routers.syncthing_udp.entrypoints=syncthing_udp'
- 'traefik.udp.services.syncthing_udp.loadbalancer.server.port=21027'
- 'traefik.udp.routers.syncthing_udp.service=syncthing@docker'
traefik:
image: traefik:latest
restart: always
networks:
vlan2:
ipv4_address: 192.168.2.107
container_name: traefik
volumes:
- './traefik.yml:/etc/traefik/traefik.yml'
- './dynamic.yml:/etc/traefik/dynamic.yml'
- '/var/log/traefik:/var/log/traefik'
- './acme.json:/acme.json'
- '/var/run/docker.sock:/var/run/docker.sock:ro'
ports:
- '80:80'
- '443:443'
environment:
TZ: Europe/Paris
labels:
- "traefik.enable=true"
- 'traefik.http.routers.api.rule=Host(`traefik.mydomain`)'
- 'traefik.http.routers.api.entrypoints=https'
- 'traefik.http.routers.api.service=api@internal'
- 'traefik.http.routers.api.middlewares=myAuth'
- 'traefik.http.services.justAdummyService.loadbalancer.server.port=1337'
- 'traefik.http.routers.api.tls'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.api.tls.certresolver=base'
- 'traefik.http.middlewares.myAuth.basicauth.users=someuser:somepassword'
- "traefik.http.middlewares.floc.headers.customresponseheaders.Permissions-Policy=interest-cohort=()"
pihole:
container_name: pihole
restart: always
image: pihole/pihole:latest
networks:
vlan2:
ipv4_address: 192.168.2.111
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.pihole.tls=true'
- 'traefik.http.routers.pihole.rule=Host(`dns.mydomain`)'
- 'traefik.http.routers.pihole.service=pihole@docker'
- 'traefik.http.routers.pihole.entrypoints=https, http'
- 'traefik.http.routers.pihole.tls.certresolver=base'
- 'traefik.http.services.pihole.loadbalancer.server.port=80'
- 'traefik.tcp.routers.pihole_tcp.rule=HostSNI(`*`)'
- 'traefik.tcp.routers.pihole_tcp.tls=false'
- 'traefik.tcp.routers.pihole_tcp.entrypoints=dns'
- 'traefik.tcp.services.pihole_tcp.loadbalancer.server.port=53'
- 'traefik.tcp.routers.pihole_tcp.service=pihole@docker'
- 'traefik.udp.routers.pihole_udp.rule=HostSNI(`*`)'
- 'traefik.udp.routers.pihole_udp.tls=false'
- 'traefik.udp.routers.pihole_udp.entrypoints=dns'
- 'traefik.udp.services.pihole_udp.loadbalancer.server.port=53'
- 'traefik.udp.routers.pihole_udp.service=pihole@docker'
environment:
TZ: 'Europe/Paris'
volumes:
- './pihole:/etc/pihole'
- './dnsmasq.d:/etc/dnsmasq.d'
And here is the error after traefik launch.
time="2023-08-05T22:34:07+02:00" level=error msg="field not found, node: rule" providerName=docker container=syncthing-nassim-53f30b3c8de8b7875423c3f2a57b5c69f1514a0deac78174ba8266c7b5b03645
time="2023-08-05T22:34:07+02:00" level=error msg="field not found, node: rule" container=syncthing-nassim-53f30b3c8de8b7875423c3f2a57b5c69f1514a0deac78174ba8266c7b5b03645 providerName=docker
time="2023-08-05T22:34:37+02:00" level=error msg="field not found, node: rule" providerName=docker container=pihole-nassim-70b338b0055cfccb306d88a20b5b48838edbaf307bc66e97586d7cd2591782d7
time="2023-08-05T22:34:37+02:00" level=error msg="field not found, node: rule" container=syncthing-nassim-53f30b3c8de8b7875423c3f2a57b5c69f1514a0deac78174ba8266c7b5b03645 providerName=docker
Every other routers ans services are corectly build but these 2 are not.
Do you have any idea ?
Thanks!
Share your full Traefik static and dynamic config.
Note that Traefik UDP routers don’t have a rule (doc ).
Nassim
August 6, 2023, 9:53am
3
Hi
Here is my complete config :
docker-compose.yml
version: "3.1"
volumes:
syncthing_data:
baikal_config:
baikal_data:
db:
secrets:
db_password:
file: ./db_password.txt
db_root_password:
file: ./db_root_password.txt
networks:
vlan2:
external: true
services:
watchtower:
image: v2tec/watchtower
container_name: watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /root/.docker/config.json:/config.json
command: --interval 1600
networks:
vlan2:
ipv4_address: 192.168.2.104
restart: always
labels:
- "traefik.enable=false"
syncthing:
image: lscr.io/linuxserver/syncthing
container_name: syncthing
hostname: syncthing
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /srv/syncthing:/config
- syncthing_data:/srv/data
- /media/sdc:/mnt/sdc
restart: always
networks:
vlan2:
ipv4_address: 192.168.2.105
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.syncthing.rule=Host(`crm.mydomain`)'
- 'traefik.http.routers.syncthing.entrypoints=https, http'
- 'traefik.http.routers.syncthing.tls.certresolver=base'
- 'traefik.http.services.syncthing.loadbalancer.server.port=8384'
- 'traefik.http.routers.syncthing.service=syncthing@docker'
- 'traefik.http.routers.syncthing.tls=true'
- 'traefik.tcp.routers.syncthing_tcp.rule=HostSNI(`*`)'
- 'traefik.tcp.routers.syncthing_tcp.tls=false'
- 'traefik.tcp.routers.syncthing_tcp.entrypoints=syncthing_tcp'
- 'traefik.tcp.services.syncthing_tcp.loadbalancer.server.port=22000'
- 'traefik.tcp.routers.syncthing_tcp.service=syncthing@docker'
- 'traefik.udp.routers.syncthing_udp.rule=HostSNI(`*`)'
- 'traefik.udp.routers.syncthing_udp.tls=false'
- 'traefik.udp.routers.syncthing_udp.entrypoints=syncthing_udp'
- 'traefik.udp.services.syncthing_udp.loadbalancer.server.port=21027'
- 'traefik.udp.routers.syncthing_udp.service=syncthing@docker'
baikal:
restart: always
image: ckulka/baikal:nginx
container_name: baikal
networks:
vlan2:
ipv4_address: 192.168.2.106
volumes:
- baikal_config:/var/www/baikal/config
- baikal_data:/var/www/baikal/Specific
#ports:
# - 8239:80
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.baikal.tls=true'
- 'traefik.http.routers.baikal.service=baikal@docker'
- 'traefik.http.routers.baikal.rule=Host(`dav.mydomain`)'
- 'traefik.http.routers.baikal.tls.certresolver=base'
- 'traefik.http.routers.baikal.entrypoints=https, http'
- 'traefik.http.services.baikal.loadbalancer.server.port=80'
- 'traefik.http.routers.baikal.middlewares=baikal-dav'
#- 'traefik.http.middlewares.floc.headers.customresponseheaders.Permissions-Policy=interest-cohort=()'
- 'traefik.http.middlewares.baikal-dav.redirectregex.regex=^/.well-known/(card|cal)dav'
- 'traefik.http.middlewares.baikal-dav.redirectregex.replacement=https://$$1/dav.php/'
- 'traefik.http.middlewares.baikal-dav.redirectregex.permanent=true'
traefik:
image: traefik:latest
restart: always
networks:
vlan2:
ipv4_address: 192.168.2.107
container_name: traefik
volumes:
- './traefik.yml:/etc/traefik/traefik.yml'
- './dynamic.yml:/etc/traefik/dynamic.yml'
- '/var/log/traefik:/var/log/traefik'
- './acme.json:/acme.json'
- '/var/run/docker.sock:/var/run/docker.sock:ro'
ports:
- '80:80'
- '443:443'
environment:
TZ: Europe/Paris
labels:
- "traefik.enable=true"
- 'traefik.http.routers.api.rule=Host(`traefik.mydomain`)'
- 'traefik.http.routers.api.entrypoints=https'
- 'traefik.http.routers.api.service=api@internal'
- 'traefik.http.routers.api.middlewares=myAuth'
- 'traefik.http.services.justAdummyService.loadbalancer.server.port=1337'
- 'traefik.http.routers.api.tls'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.api.tls.certresolver=base'
- 'traefik.http.middlewares.myAuth.basicauth.users=somuser:somepassword'
- "traefik.http.middlewares.floc.headers.customresponseheaders.Permissions-Policy=interest-cohort=()"
budibase:
container_name: budibase
image: budibase/budibase:v2.8.10
environment:
BASEROW_PUBLIC_URL: 'https://app.mydomain'
links:
- db:mysql
volumes:
- ./budybase:/data
networks:
vlan2:
ipv4_address: 192.168.2.108
restart: always
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.budibase.tls=true'
- 'traefik.http.routers.budibase.service=budibase@docker'
- 'traefik.http.routers.budibase.rule=Host(`app.mydomain`)'
- 'traefik.http.routers.budibase.tls.certresolver=base'
- 'traefik.http.routers.budibase.entrypoints=https, http'
- 'traefik.http.services.budibase.loadbalancer.server.port=80'
wordpress:
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD_FILE: /run/secrets/db_password
image: wordpress:6.2.2-php8.2-apache
container_name: wordpress
restart: always
volumes:
- ./wordpress:/var/www/html/
secrets:
- db_password
depends_on:
- db
networks:
vlan2:
ipv4_address: 192.168.2.109
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.wordpress.tls=true'
- 'traefik.http.routers.wordpress.service=wordpress@docker'
- 'traefik.http.routers.wordpress.rule=Host(`mydomain`)'
- 'traefik.http.routers.wordpress.tls.certresolver=base'
- 'traefik.http.routers.wordpress.entrypoints=https, http'
- 'traefik.http.services.wordpress.loadbalancer.server.port=80'
db:
image: mariadb
container_name: db
networks:
vlan2:
ipv4_address: 192.168.2.110
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb_read_only_compressed=OFF
restart: always
volumes:
- db:/var/lib/mysql
secrets:
- db_root_password
- db_password
environment:
MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_root_password
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD_FILE: /run/secrets/db_password
labels:
- traefik.enable=false
pihole:
container_name: pihole
restart: always
image: pihole/pihole:latest
networks:
vlan2:
ipv4_address: 192.168.2.111
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.pihole.tls=true'
- 'traefik.http.routers.pihole.rule=Host(`dns.mydomain`)'
- 'traefik.http.routers.pihole.service=pihole@docker'
- 'traefik.http.routers.pihole.entrypoints=https, http'
- 'traefik.http.routers.pihole.tls.certresolver=base'
- 'traefik.http.services.pihole.loadbalancer.server.port=80'
- 'traefik.tcp.routers.pihole_tcp.rule=HostSNI(`*`)'
- 'traefik.tcp.routers.pihole_tcp.tls=false'
- 'traefik.tcp.routers.pihole_tcp.entrypoints=dns'
- 'traefik.tcp.services.pihole_tcp.loadbalancer.server.port=53'
- 'traefik.tcp.routers.pihole_tcp.service=pihole@docker'
- 'traefik.udp.routers.pihole_udp.rule=HostSNI(`*`)'
- 'traefik.udp.routers.pihole_udp.tls=false'
- 'traefik.udp.routers.pihole_udp.entrypoints=dns'
- 'traefik.udp.services.pihole_udp.loadbalancer.server.port=53'
- 'traefik.udp.routers.pihole_udp.service=pihole@docker'
environment:
TZ: 'Europe/Paris'
volumes:
- './pihole:/etc/pihole'
- './dnsmasq.d:/etc/dnsmasq.d'
dynamic.yml (file provider)
http:
middlewares:
floc:
headers:
customResponseHeaders:
Permissions-Policy: interest-cohort=()
secHeaders:
headers:
browserXssFilter: true
contentTypeNosniff: true
frameDeny: true
sslRedirect: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 31536000
customFrameOptionsValue: SAMEORIGIN
traefik.yml
entryPoints:
http:
address: ':80'
http:
redirections:
entryPoint:
to: https
scheme: https
https:
address: ':443'
dns:
address: ':53'
syncthing_udp:
address: ':22067'
syncthing_tcp:
address: ':22000'
providers:
providersThrottleDuration: 2s
docker:
watch: true
endpoint: 'unix:///var/run/docker.sock'
file:
filename: '/etc/traefik/dynamic.yml'
watch: true
log:
level: DEBUG
accessLog:
bufferingSize: 0
api:
dashboard: true
certificatesResolvers:
base:
acme:
email: mymail@mydomain
storage: /acme.json
httpChallenge:
entryPoint: http
Nassim
August 6, 2023, 10:25am
4
Thanks, i found a soulution in the doc of entrypoints. Simply, udp routers does not support rule , and tls config.
Here is my final working config.
docker-compose.yml
version: "3.1"
volumes:
syncthing_data:
baikal_config:
baikal_data:
db:
secrets:
db_password:
file: ./db_password.txt
db_root_password:
file: ./db_root_password.txt
networks:
vlan2:
external: true
services:
watchtower:
image: v2tec/watchtower
container_name: watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /root/.docker/config.json:/config.json
command: --interval 1600
networks:
vlan2:
ipv4_address: 192.168.2.104
restart: always
labels:
- "traefik.enable=false"
syncthing:
image: lscr.io/linuxserver/syncthing
container_name: syncthing
hostname: syncthing
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /srv/syncthing:/config
- syncthing_data:/srv/data
- /media/sdc:/mnt/sdc
restart: always
networks:
vlan2:
ipv4_address: 192.168.2.105
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.syncthing.rule=Host(`crm.mydomain`)'
- 'traefik.http.routers.syncthing.entrypoints=https, http'
- 'traefik.http.routers.syncthing.tls.certresolver=base'
- 'traefik.http.services.syncthing.loadbalancer.server.port=8384'
- 'traefik.http.routers.syncthing.service=syncthing@docker'
- 'traefik.http.routers.syncthing.tls=true'
- 'traefik.tcp.routers.syncthing_tcp.rule=HostSNI(`*`)'
- 'traefik.tcp.routers.syncthing_tcp.entrypoints=syncthing_tcp'
- 'traefik.tcp.services.syncthing_tcp.loadbalancer.server.port=22000'
- 'traefik.tcp.routers.syncthing_tcp.service=syncthing_tcp@docker'
#- 'traefik.udp.routers.syncthing_udp.rule=HostSNI(`*`)'
#- 'traefik.udp.routers.syncthing_udp.tls=false'
- 'traefik.udp.routers.syncthing_udp.entrypoints=syncthing_udp'
- 'traefik.udp.services.syncthing_udp.loadbalancer.server.port=21027'
- 'traefik.udp.routers.syncthing_udp.service=syncthing_udp@docker'
traefik:
image: traefik:latest
restart: always
networks:
vlan2:
ipv4_address: 192.168.2.107
container_name: traefik
volumes:
- './traefik.yml:/etc/traefik/traefik.yml'
- './dynamic.yml:/etc/traefik/dynamic.yml'
- '/var/log/traefik:/var/log/traefik'
- './acme.json:/acme.json'
- '/var/run/docker.sock:/var/run/docker.sock:ro'
ports:
- '80:80'
- '443:443'
environment:
TZ: Europe/Paris
labels:
- "traefik.enable=true"
- 'traefik.http.routers.api.rule=Host(`traefik.mydomain`)'
- 'traefik.http.routers.api.entrypoints=https'
- 'traefik.http.routers.api.service=api@internal'
- 'traefik.http.routers.api.middlewares=myAuth'
- 'traefik.http.services.justAdummyService.loadbalancer.server.port=1337'
- 'traefik.http.routers.api.tls'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.api.tls.certresolver=base'
- 'traefik.http.middlewares.myAuth.basicauth.users=someuser:somepassword'
- "traefik.http.middlewares.floc.headers.customresponseheaders.Permissions-Policy=interest-cohort=()"
pihole:
container_name: pihole
restart: always
image: pihole/pihole:latest
networks:
vlan2:
ipv4_address: 192.168.2.111
labels:
- 'traefik.enable=true'
- 'traefik.docker.network=vlan2'
- 'traefik.http.routers.pihole.tls=true'
- 'traefik.http.routers.pihole.rule=Host(`dns.mydomain`)'
- 'traefik.http.routers.pihole.service=pihole@docker'
- 'traefik.http.routers.pihole.entrypoints=https, http'
- 'traefik.http.routers.pihole.tls.certresolver=base'
- 'traefik.http.services.pihole.loadbalancer.server.port=80'
- 'traefik.tcp.routers.pihole_tcp.rule=HostSNI(`*`)'
- 'traefik.tcp.routers.pihole_tcp.entrypoints=dns_tcp'
- 'traefik.tcp.services.pihole_tcp.loadbalancer.server.port=53'
- 'traefik.tcp.routers.pihole_tcp.service=pihole_tcp@docker'
#- 'traefik.udp.routers.pihole_udp.rule=HostSNI(`*`)'
#- 'traefik.udp.routers.pihole_udp.tls=false'
- 'traefik.udp.routers.pihole_udp.entrypoints=dns_udp'
- 'traefik.udp.services.pihole_udp.loadbalancer.server.port=53'
- 'traefik.udp.routers.pihole_udp.service=pihole_udp@docker'
environment:
TZ: 'Europe/Paris'
volumes:
- './pihole:/etc/pihole'
- './dnsmasq.d:/etc/dnsmasq.d'
And the traefik.yml static config
entryPoints:
http:
address: ':80'
http:
redirections:
entryPoint:
to: https
scheme: https
https:
address: ':443'
dns_tcp:
address: ':53'
dns_udp:
address: ':53/udp'
syncthing_udp:
address: ':22067/udp'
syncthing_tcp:
address: ':22000'
providers:
providersThrottleDuration: 2s
docker:
watch: true
endpoint: 'unix:///var/run/docker.sock'
file:
filename: '/etc/traefik/dynamic.yml'
watch: true
log:
level: DEBUG
accessLog:
bufferingSize: 0
api:
dashboard: true
certificatesResolvers:
base:
acme:
email: mymail@mydomain
storage: /acme.json
httpChallenge:
entryPoint: http
system
August 9, 2023, 10:25am
5
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.