Traefik regex redirect not working (docker swarm)

Could someone smart take a look?
The goal is to redirect all paths to main domain domain.com/whatever -> domain.com
I am pretty sure it is done "by the book" but is not working for some reason...
Thanks
BTW the secure dashboard is not working too but I have gave up on this already :frowning:

version: "3.3"
# _______________________NAZWA_____________________________
services:
    traefik:
        image: "traefik:v2.2.1"
        command:
            - "--log.level=DEBUG"
            
            - "--entrypoints.web.address=:80"
            - "--entrypoints.websecure.address=:443"
            
            - "--providers.docker=true"
            - "--providers.docker.exposedbydefault=false"
            - "--providers.docker.network=web" # <== Operate on the docker network named web !! for STRAPI TO WORK!!

            # - "--api.insecure=true"
            - "--api.dashboard=true"
            - "--api.debug=true" # <== Enabling additional endpoints for debugging and profiling
            #ssl
            - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
            - "--certificatesresolvers.myresolver.acme.email=oskar@domain.com"
            - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
            #swarm
            - "--providers.docker.swarmmode=true"
        ports:
            - "80:80"
            - "443:443"
            - "8080:8080"
           
        
        volumes:
            - "/var/run/docker.sock:/var/run/docker.sock:ro"
            - "/sites/letsencrypt:/letsencrypt"
        deploy:
            labels:
                # Dashboard START
                - "traefik.enable=true"
                # - "traefik.docker.network=web"
                - "traefik.http.routers.api.rule=Host(`traefik.domain.com`)"
                - "traefik.http.routers.api.service=api@internal"
                - "traefik.http.routers.api.middlewares=auth"
                - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0"
                # Dummy service for Swarm port detection. The port can be any valid integer value.
                - "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"
                # Dashboard END
            placement:
                constraints:
                    - node.role == manager

        
        networks:
            - web

    # 
    admin:
        image: nginx
        # container_name: admin --- unsuported in docker swarm
        #command:
        #- --port=80
        volumes: 
            - /sites/domain.com/nginx/html:/usr/share/nginx/html
        deploy:
            labels:
                # enable Traefik for container
                - "traefik.enable=true"

                # middleware to redirect trafic to https
                - "traefik.http.middlewares.admin-https.redirectscheme.scheme=https"
                #" http-admin" router to listen on "web" entrypoint
                - "traefik.http.routers.admin-http.entrypoints=web"
                # hostname fot the site on "admin-http" router
                - "traefik.http.routers.admin-http.rule=Host(`domain.com`)"
                # tell the router to use redirect middleware defined above
                - "traefik.http.routers.admin-http.middlewares=admin-https@docker"
                # "admin" router hostname
                - "traefik.http.routers.admin.rule=Host(`domain.com`)"
                # where router should be listening
                - "traefik.http.routers.admin.entrypoints=websecure"
                # tell "admin" router to terminate SSL requests
                - "traefik.http.routers.admin.tls=true"
                # the router should use LetsEncrypt configuration defined in Traefik
                - "traefik.http.routers.admin.tls.certresolver=myresolver"
                # necessary for docker
                - "traefik.http.services.admin.loadbalancer.server.port=80"
                 # auth
                - "traefik.http.routers.admin.middlewares=auth"
                - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$tH1Ia0"
                # redirect all to home page
                - "traefik.http.routers.admin.middlewares=redir"
                - "traefik.http.middlewares.redir.replacepathregex.regex=domain.com//.*"
                - "traefik.http.middlewares.redir.replacepathregex.replacement=domain.com"

                
        networks:
            - web

This is a reference for docker labels. Copying form there a label would look like:

- "traefik.http.routers.router0.middlewares=foobar, foobar"

Here you have a coma separate list of middlewares. What you have instead is:

- "traefik.http.routers.admin.middlewares=auth"
- "traefik.http.routers.admin.middlewares=redir"

These are two contradicting labels, one says using auth and the other says using redir. It will not work this way.

1 Like

Thanks for reply... It is true I dont quite understand that...
Does it mean I cannot have authentication and redirection at the same time?

You can, you just need to configure it as per the docs (example above).

Sorry but neither the reference nor you explanation are clear to me...
What is "foovar"??????
Can you just show me how my config (from first post) should look like?

Example 1
version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        traefik.enable: 'true'
        traefik.http.routers.api.rule: Host(`traefik.domain.com`)
        traefik.http.routers.api.service: api@internal
        traefik.http.routers.api.middlewares: auth

        traefik.http.middlewares.auth.basicauth.users: oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        traefik.http.services.dummy-svc.loadbalancer.server.port: 9999

  admin:
    image: nginx
    volumes:
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        traefik.enable: 'true'

        traefik.http.routers.admin-http.rule: Host(`domain.com`)
        traefik.http.routers.admin-http.entrypoints: web
        traefik.http.routers.admin-http.middlewares: admin-https@docker

        traefik.http.routers.admin.rule: Host(`domain.com`)
        traefik.http.routers.admin.entrypoints: websecure
        traefik.http.routers.admin.tls.certresolver: myresolver
        traefik.http.routers.admin.middlewares: auth,redir # <----------------------------------

        traefik.http.services.admin.loadbalancer.server.port: 80

        traefik.http.middlewares.admin-https.redirectscheme.entrypoint: websecure
        traefik.http.middlewares.admin-https.redirectscheme.scheme: https

        traefik.http.middlewares.redir.replacepathregex.regex: /.+
        traefik.http.middlewares.redir.replacepathregex.replacement: /

    networks:
      - web

or

Example 2
version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.api.rule=Host(`traefik.domain.com`)"
        - "traefik.http.routers.api.service=api@internal"
        - "traefik.http.routers.api.middlewares=auth"

        - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0"

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        - "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"

  admin:
    image: nginx
    volumes: 
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.admin-http.rule=Host(`domain.com`)"
        - "traefik.http.routers.admin-http.entrypoints=web"
        - "traefik.http.routers.admin-http.middlewares=admin-https@docker"

        - "traefik.http.routers.admin.rule=Host(`domain.com`)"
        - "traefik.http.routers.admin.entrypoints=websecure"
        - "traefik.http.routers.admin.tls.certresolver=myresolver"
        - "traefik.http.routers.admin.middlewares=auth,redir # <----------------------------------"

        - "traefik.http.services.admin.loadbalancer.server.port=80"

        - "traefik.http.middlewares.admin-https.redirectscheme.entrypoint=websecure"
        - "traefik.http.middlewares.admin-https.redirectscheme.scheme=https"

        - "traefik.http.middlewares.redir.replacepathregex.regex=/.+"
        - "traefik.http.middlewares.redir.replacepathregex.replacement=/"

    networks:
      - web

or

Example 3
version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      # global redirect to https
      - --entrypoints.web.http.redirections.entryPoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https

      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        traefik.enable: 'true'

        traefik.http.routers.api.rule: Host(`traefik.domain.com`)
        traefik.http.routers.api.service: api@internal
        traefik.http.routers.api.middlewares: auth

        traefik.http.middlewares.auth.basicauth.users: oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        traefik.http.services.dummy-svc.loadbalancer.server.port: 9999

  admin:
    image: nginx
    volumes:
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        traefik.enable: 'true'

        traefik.http.routers.admin.rule: Host(`domain.com`)
        traefik.http.routers.admin.tls.certresolver: myresolver
        traefik.http.routers.admin.middlewares: auth,redir # <----------------------------------

        traefik.http.services.admin.loadbalancer.server.port: 80

        traefik.http.middlewares.redir.replacepathregex.regex: /.+
        traefik.http.middlewares.redir.replacepathregex.replacement: /

    networks:
      - web

or

Example 4
version: "3.7"

services:

  traefik:
    image: traefik:v2.3.1
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sites/letsencrypt:/letsencrypt
    networks:
      - web
    command:
      - --log.level=DEBUG

      - --entrypoints.web.address=:80
      # global redirect to https
      - --entrypoints.web.http.redirections.entryPoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https

      - --entrypoints.websecure.address=:443

      - --providers.docker.swarmmode=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=web # <== Operate on the docker network named web !! for STRAPI TO WORK!!

      - --api

      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=oskar@domain.com
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.api.rule=Host(`traefik.domain.com`)"
        - "traefik.http.routers.api.service=api@internal"
        - "traefik.http.routers.api.middlewares=auth"

        - "traefik.http.middlewares.auth.basicauth.users=oskar:$$apr1$$q34NkOoK$$pOaJQIoMTZLYWdg.tH1Ia0"

        # Dummy service for Swarm port detection. The port can be any valid integer value.
        - "traefik.http.services.dummy-svc.loadbalancer.server.port=9999"

  admin:
    image: nginx
    volumes:
      - /sites/domain.com/nginx/html:/usr/share/nginx/html
    deploy:
      labels:
        - "traefik.enable=true"

        - "traefik.http.routers.admin.rule=Host(`domain.com`)"
        - "traefik.http.routers.admin.tls.certresolver=myresolver"
        - "traefik.http.routers.admin.middlewares=auth,redir" # <----------------------------------

        - "traefik.http.services.admin.loadbalancer.server.port=80"

        - "traefik.http.middlewares.redir.replacepathregex.regex=/.+"
        - "traefik.http.middlewares.redir.replacepathregex.replacement=/"

    networks:
      - web

In summary

- "traefik.http.routers.admin.middlewares=auth,redir"

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.