Unable to activate Secure dashboard on traefik 2.2.1

Hi Folks,
I'm new to this traefik, and i'm trying to make the secure dashboard work but so far no luck
I've read many solutions over the internet here in this very same forum and still none of those worked for me, so I'm here asking for your wisdom as maybe im the problem here.

The only way it works its on insecure mode.

I have a MX record traefik.mydomain.com that points to my manager ip address.
Im trying to deploy on swarm
If there is already some solution and i couldnt find it im sorry beforehand for opening this thread but im crazy about this dashboard.

Here is my compose file

version: '3.3'


    image: traefik:2.2.1
        - "--api.insecure=true"
        - "--api.dashboard=true"
        - "--api.debug=true"
        - "--log.level=DEBUG"
        - "--providers.docker=true"
        - "--providers.docker.swarmMode=true"
        - "--providers.docker.exposedbydefault=false"
        - "--providers.docker.network=frontend"
        - "--providers.file.filename=/traefik_conf.yaml"
        - "--entryPoints.web.address=:80"
        - "--entryPoints.websecure.address=:443"
        - "--certificatesResolvers.le.acme.email=rgvargas@rickyflix.xyz"
        - "--certificatesResolvers.le.acme.storage=/letsencrypt/acme.json"
        - "--certificatesResolvers.le.acme.tlsChallenge=true"
        - "--certificatesResolvers.le.acme.httpChallenge=true"
        - "--certificatesResolvers.le.acme.httpChallenge.entryPoint=web"
        - 80:80
        - 443:443
        - 8080:8080
        - frontend
        - /var/run/docker.sock:/var/run/docker.sock
        - type: bind
          source: /dockers/swarm/traefik/traefik_conf.yaml
          target: /traefik_conf.yaml
        - type: bind
          source: /dockers/swarm/letsencrypt
          target: /letsencrypt
        # Dashboard
        - "traefik.enable=true"
        - "traefik.http.routers.api.rule=Host(`traefik.mydomain.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
        - "traefik.http.routers.api.entrypoints=web"
        - "traefik.http.routers.traefik-secure.rule=Host(`traefik.mydomain.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
        - "traefik.http.routers.traefik-secure.entrypoints=websecure"
        - "traefik.http.routers.traefik-secure.tls=true"
        - "traefik.http.routers.traefik-secure.tls.certresolver=le"
        - "traefik.http.routers.api.service=api@internal"
        - "traefik.http.routers.api.middlewares=auth"
        - "traefik.http.middlewares.auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
        # Docker swarm need a dummy service for port detection
        - "traefik.http.services.dummy-service.loadbalancer.server.port=59999"
        constraints: [node.role == manager]
        condition: on-failure

external: true

Can you expand on how this is specifically not working/ what is working?

You have this which sets up the dashboard on port 8080. Is this just a backup while you get this working on on the other entryPoints?

You have this setup on both web and websecure entrypoints ?

Auth is only setup on the router using the web entrypoint.

Hi there
as per the solutions i've tried, this is the most complete one, still have seen other forum post in here but didnt bookmarked all
Solution 1

regarding the api.insecure=true i have it activated beacase is the only way i can get in the dashboard for now; when testing the secure dashboard that line and the port 8080 are commented out.

on the entrypoints, yes i have them both i havent been able to redirect http to https so, in all my services i enable them both and do the redirection on the service itself.

Auth: you mean i have to add the auth middlware to the traefik-secure router as well?

Thanks for your time

Hi @rgvargas29

I just took another look at this. Your labels section is not nested under the deploy: label which is where it need to be for swarm mode.

Hi cakiwi
Thanks for your input indeed the labels were misplaced still im getting 404 error then trying to access http://traefik.mydomain.com https://traefik.mydomain.com http://traefik.mydomain.com/dashboard/ https://traefik.mydomain.com/dashboard/

Good thing though is that the certificate for the https was generated by the ACME letsencrypt

attached is my "new" labels

If you happend to see something else wrong please do let me know

I think is is because you are referencing middleware auth but have only defined test-auth

Thank you , got it working already
hope this post help some others out in the wild
Have a nice one.