Hi, I have spent quite some time and it seems I am stuck.
My goal is to setup traefik not using port 80 and 443 and using own certificates.
I looked thru the forum and several guides and tried to compile something working.
A few questions on my todo:
- Using the label
- "traefik.http.middlewares.traefik-auth.basicauth.users=admin:passwordhash"
if the password hash includes characters like , do I have to escape them?
Is it enough just to replace each with a $$?
2) as you see in my compose yaml i tried to embed own certs. I know that syntax does not work. I also know traefik uses own certs, why I first wanted to get the 404 errors fixed before I continue. If somebody could point out the right syntax i would be more than happy 
But yeah... main issue if i try to access https://:20443/board/dashboard I get prompted for basic auth and see the treafik cert, but end up on a 404 page 
Plz help. For now I only try to get to the point where i can access the dashboard.
(I tried to work with dynamic rules directory and toml files in there but when it did not work i tried to reduce complexity and bring everything into the compose file.)
docker-compose.yaml
version: "3.3"
services:
traefik:
container_name: traefik
image: traefik:v2.4
restart: unless-stopped
command:
- --api.dashboard=true
- --providers.docker=true
- --providers.docker.endpoint=unix:///var/run/docker.sock
- --providers.docker.exposedByDefault=false
- --providers.docker.network=web
- --providers.docker.swarmMode=false
- --entrypoints.websecure.address=:20443
- --entrypoints.web.address=:20080
- --entrypoints.websecure.http.tls=true
- --entrypoints.web.http.redirections.entryPoint.to=websecure
- --entrypoints.web.http.redirections.entryPoint.scheme=https
- --serversTransport.insecureSkipVerify=true
- --log=true
- --log.level=DEBUG # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
- --accessLog=true
- --accessLog.filePath=/traefik/log/traefik.log
- --accessLog.bufferingSize=100
- --accessLog.filters.statusCodes=400-499
security_opt:
- no-new-privileges:true
ports:
- target: 20080
published: 20080
protocol: tcp
mode: host
- target: 20443
published: 20443
protocol: tcp
mode: host
volumes:
- /home/<user>/docker/traefik2:/traefik:rw
- /etc/ssl/localcerts:/certs:ro
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=PathPrefix(`/board`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.middlewares=traefik-auth"
- "traefik.http.middlewares.traefik-auth.basicauth.users=admin:passwordhash"
networks:
- web
networks:
web:
external: true
#tls:
# certificates:
# - certFile: /certs/LEcert.crt
# keyFile: /certs/LEcert.key