Traefik regex redirect not working (docker swarm)

oskar333 · October 2, 2020, 7:13am

Could someone smart take a look?
The goal is to redirect all paths to main domain domain.com/whatever -> domain.com
I am pretty sure it is done "by the book" but is not working for some reason...
Thanks
BTW the secure dashboard is not working too but I have gave up on this already

version: "3.3"
# _______________________NAZWA_____________________________
services:
    traefik:
        image: "traefik:v2.2.1"
        command:
            - "--log.level=DEBUG"
            
            - "--entrypoints.web.address=:80"
            - "--entrypoints.websecure.address=:443"
            
            - "--providers.docker=true"
            - "--providers.docker.exposedbydefault=false"
            - "--providers.docker.network=web" # <== Operate on the docker network named web !! for STRAPI TO WORK!!

            # - "--api.insecure=true"
            - "--api.dashboard=true"
            - "--api.debug=true" # <== Enabling additional endpoints for debugging and profiling
            #ssl
            - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
            - "--certificatesresolvers.myresolver.acme.email=oskar@domain.com"
            - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
            #swarm
            - "--providers.docker.swarmmode=true"
        ports:
            - "80:80"
            - "443:443"
            - "8080:8080"
           
        
        volumes:
            - "/var/run/docker.sock:/var/run/docker.sock:ro"
            - "/sites/letsencrypt:/letsencrypt"
        deploy:
            labels:
                # Dashboard START
                - "traefik.enable=true"
                # - "traefik.docker.network=web"
                - "traefik.http.routers.api.rule=Host(`traefik.domain.com`)"
                - "traefik.http.routers.api.service=api@internal"
                - "traefik.http.routers.api.middlewares=auth"
                - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0"
                # Dummy service for Swarm port detection. The port can be any valid integer value.
                - "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"
                # Dashboard END
            placement:
                constraints:
                    - node.role == manager

        
        networks:
            - web

    # 
    admin:
        image: nginx
        # container_name: admin --- unsuported in docker swarm
        #command:
        #- --port=80
        volumes: 
            - /sites/domain.com/nginx/html:/usr/share/nginx/html
        deploy:
            labels:
                # enable Traefik for container
                - "traefik.enable=true"

                # middleware to redirect trafic to https
                - "traefik.http.middlewares.admin-https.redirectscheme.scheme=https"
                #" http-admin" router to listen on "web" entrypoint
                - "traefik.http.routers.admin-http.entrypoints=web"
                # hostname fot the site on "admin-http" router
                - "traefik.http.routers.admin-http.rule=Host(`domain.com`)"
                # tell the router to use redirect middleware defined above
                - "traefik.http.routers.admin-http.middlewares=admin-https@docker"
                # "admin" router hostname
                - "traefik.http.routers.admin.rule=Host(`domain.com`)"
                # where router should be listening
                - "traefik.http.routers.admin.entrypoints=websecure"
                # tell "admin" router to terminate SSL requests
                - "traefik.http.routers.admin.tls=true"
                # the router should use LetsEncrypt configuration defined in Traefik
                - "traefik.http.routers.admin.tls.certresolver=myresolver"
                # necessary for docker
                - "traefik.http.services.admin.loadbalancer.server.port=80"
                 # auth
                - "traefik.http.routers.admin.middlewares=auth"
                - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$tH1Ia0"
                # redirect all to home page
                - "traefik.http.routers.admin.middlewares=redir"
                - "traefik.http.middlewares.redir.replacepathregex.regex=domain.com//.*"
                - "traefik.http.middlewares.redir.replacepathregex.replacement=domain.com"

                
        networks:
            - web

zespri · October 3, 2020, 12:21am

This is a reference for docker labels. Copying form there a label would look like:

- "traefik.http.routers.router0.middlewares=foobar, foobar"

Here you have a coma separate list of middlewares. What you have instead is:

- "traefik.http.routers.admin.middlewares=auth"
- "traefik.http.routers.admin.middlewares=redir"

These are two contradicting labels, one says using auth and the other says using redir. It will not work this way.

oskar333 · October 9, 2020, 1:23pm

Thanks for reply... It is true I dont quite understand that...
Does it mean I cannot have authentication and redirection at the same time?

zespri · October 15, 2020, 5:57am

You can, you just need to configure it as per the docs (example above).

oskar333 · October 15, 2020, 9:14am

Sorry but neither the reference nor you explanation are clear to me...
What is "foovar"??????
Can you just show me how my config (from first post) should look like?

ldez · October 15, 2020, 11:17pm

Example 1

version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        traefik.enable: 'true'
        traefik.http.routers.api.rule: Host(`traefik.domain.com`)
        traefik.http.routers.api.service: api@internal
        traefik.http.routers.api.middlewares: auth

        traefik.http.middlewares.auth.basicauth.users: oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        traefik.http.services.dummy-svc.loadbalancer.server.port: 9999

  admin:
    image: nginx
    volumes:
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        traefik.enable: 'true'

        traefik.http.routers.admin-http.rule: Host(`domain.com`)
        traefik.http.routers.admin-http.entrypoints: web
        traefik.http.routers.admin-http.middlewares: admin-https@docker

        traefik.http.routers.admin.rule: Host(`domain.com`)
        traefik.http.routers.admin.entrypoints: websecure
        traefik.http.routers.admin.tls.certresolver: myresolver
        traefik.http.routers.admin.middlewares: auth,redir # <----------------------------------

        traefik.http.services.admin.loadbalancer.server.port: 80

        traefik.http.middlewares.admin-https.redirectscheme.entrypoint: websecure
        traefik.http.middlewares.admin-https.redirectscheme.scheme: https

        traefik.http.middlewares.redir.replacepathregex.regex: /.+
        traefik.http.middlewares.redir.replacepathregex.replacement: /

    networks:
      - web

or

Example 2

version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.api.rule=Host(`traefik.domain.com`)"
        - "traefik.http.routers.api.service=api@internal"
        - "traefik.http.routers.api.middlewares=auth"

        - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0"

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        - "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"

  admin:
    image: nginx
    volumes: 
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.admin-http.rule=Host(`domain.com`)"
        - "traefik.http.routers.admin-http.entrypoints=web"
        - "traefik.http.routers.admin-http.middlewares=admin-https@docker"

        - "traefik.http.routers.admin.rule=Host(`domain.com`)"
        - "traefik.http.routers.admin.entrypoints=websecure"
        - "traefik.http.routers.admin.tls.certresolver=myresolver"
        - "traefik.http.routers.admin.middlewares=auth,redir # <----------------------------------"

        - "traefik.http.services.admin.loadbalancer.server.port=80"

        - "traefik.http.middlewares.admin-https.redirectscheme.entrypoint=websecure"
        - "traefik.http.middlewares.admin-https.redirectscheme.scheme=https"

        - "traefik.http.middlewares.redir.replacepathregex.regex=/.+"
        - "traefik.http.middlewares.redir.replacepathregex.replacement=/"

    networks:
      - web

or

Example 3

version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      # global redirect to https
      - --entrypoints.web.http.redirections.entryPoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https

      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        traefik.enable: 'true'

        traefik.http.routers.api.rule: Host(`traefik.domain.com`)
        traefik.http.routers.api.service: api@internal
        traefik.http.routers.api.middlewares: auth

        traefik.http.middlewares.auth.basicauth.users: oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        traefik.http.services.dummy-svc.loadbalancer.server.port: 9999

  admin:
    image: nginx
    volumes:
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        traefik.enable: 'true'

        traefik.http.routers.admin.rule: Host(`domain.com`)
        traefik.http.routers.admin.tls.certresolver: myresolver
        traefik.http.routers.admin.middlewares: auth,redir # <----------------------------------

        traefik.http.services.admin.loadbalancer.server.port: 80

        traefik.http.middlewares.redir.replacepathregex.regex: /.+
        traefik.http.middlewares.redir.replacepathregex.replacement: /

    networks:
      - web

or

Example 4

version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      # global redirect to https
      - --entrypoints.web.http.redirections.entryPoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https

      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web # <== Operate on the docker network named web !! for STRAPI TO WORK!!

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.api.rule=Host(`traefik.domain.com`)"
        - "traefik.http.routers.api.service=api@internal"
        - "traefik.http.routers.api.middlewares=auth"

        - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0"

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        - "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"

  admin:
    image: nginx
    volumes:
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.admin.rule=Host(`domain.com`)"
        - "traefik.http.routers.admin.tls.certresolver=myresolver"
        - "traefik.http.routers.admin.middlewares=auth,redir" # <----------------------------------

        - "traefik.http.services.admin.loadbalancer.server.port=80"

        - "traefik.http.middlewares.redir.replacepathregex.regex=/.+"
        - "traefik.http.middlewares.redir.replacepathregex.replacement=/"

    networks:
      - web

In summary

- "traefik.http.routers.admin.middlewares=auth,redir"

system · October 18, 2020, 11:17pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Redirect domain via regex does not work Traefik v2 docker , middleware	2	1537	March 9, 2021
Regex redirect fails with HTTPS Traefik v2 docker , middleware	6	2748	February 12, 2020
Intermittent issues with URL redirection Traefik v1 docker , docker-swarm	4	221	February 14, 2024
Traefik 2.2 Regex Traefik v2 docker , file , middleware	1	543	July 22, 2020
Multiple levels of redirects do not work Traefik v2 docker-swarm	5	122	April 29, 2024

Traefik regex redirect not working (docker swarm)

Related topics