Could someone please help troubleshoot my config? I'm trying to reverse proxy through Traefik (as a docker container) to a non-docker standalone VM on my LAN. I have multiple cases like this, but for one example, I'm trying to proxy an OpenMediaVault VM (internal IP 192.168.1.103) using dynamic file config.
It looks ok in the Traefik dashboard -- the HTTP router is green & shows the 'shield' indicating TLS. But when I attempt to access the site (omv.mydomain.tld), I get a connection failure error in the browser. Not explicitly a 40x... just "We can't connect to the server at omb.mydomain.tld."
I am trying to connect from a computer on the same LAN as both traefik and OMV. I can reach the OMV server by IP address from my browser. Dockerized services proxied through Traefik work just fine.
Dynamic config file:
http:
routers:
omv:
service: omv
rule: "Host(`omv.mydomain.tld`)"
entryPoints:
- https
tls:
certResolver: dns-cloudflare
services:
omv:
loadBalancer:
passHostHeader: false
servers:
- url: "http://192.168.1.103"
Traefik Logs:
2022-05-25T09:47:36.620240048Z time="2022-05-25T09:47:36Z" level=debug msg="Looking for provided certificate(s) to validate [\"omv.mydomain.tld\"]..." rule="Host(`omv.mydomain.tld`)" providerName=dns-cloudflare.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=omv@file
2022-05-25T09:47:39.774802833Z time="2022-05-25T09:47:39Z" level=debug msg="Configuration received from provider file: {\"http\":{\"routers\":{\"omv\":{\"entryPoints\":[\"https\"],\"service\":\"omv\",\"rule\":\"Host(`omv.mydomain.tld`)\",\"tls\":{\"certResolver\":\"dns-cloudflare\"}}},\"services\":{\"omv\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://192.168.1.103\"}],\"passHostHeader\":false}}},\"middlewares\":{\"chain-core-security\":{\"chain\":{\"middlewares\":[\"middlewares-rate-limit\",\"middlewares-secure-headers\"]}},\"middlewares-basic-auth\":{\"basicAuth\":{\"usersFile\":\"/shared/.htpasswd\",\"realm\":\"Traefik2 Basic Auth\"}},\"middlewares-rate-limit\":{\"rateLimit\":{\"average\":100,\"period\":\"1s\",\"burst\":50}},\"middlewares-secure-headers\":{\"headers\":{\"customResponseHeaders\":{\"X-Robots-Tag\":\"none,noarchive,nosnippet,notranslate,noimageindex,\",\"server\":\"\"},\"accessControlAllowMethods\":[\"GET\",\"OPTIONS\",\"PUT\"],\"accessControlMaxAge\":100,\"hostsProxyHeaders\":[\"X-Forwarded-Host\"],\"sslRedirect\":true,\"stsSeconds\":63072000,\"stsIncludeSubdomains\":true,\"stsPreload\":true,\"forceSTSHeader\":true,\"customFrameOptionsValue\":\"allow-from https:$BASEDOMAIN\",\"contentTypeNosniff\":true,\"browserXssFilter\":true,\"referrerPolicy\":\"same-origin\",\"featurePolicy\":\"camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';\"}}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=file
2022-05-25T10:08:48.740596169Z time="2022-05-25T10:08:48Z" level=debug msg="Configuration received from provider file: {\"http\":{\"routers\":{\"omv\":{\"entryPoints\":[\"https\"],\"service\":\"omv\",\"rule\":\"Host(`omv.mydomain.tld`)\",\"tls\":{\"certResolver\":\"dns-cloudflare\"}}},\"services\":{\"omv\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://192.168.1.103\"}],\"passHostHeader\":false}}},\"middlewares\":{\"chain-core-security\":{\"chain\":{\"middlewares\":[\"middlewares-rate-limit\",\"middlewares-secure-headers\"]}},\"middlewares-basic-auth\":{\"basicAuth\":{\"usersFile\":\"/shared/.htpasswd\",\"realm\":\"Traefik2 Basic Auth\"}},\"middlewares-rate-limit\":{\"rateLimit\":{\"average\":100,\"period\":\"1s\",\"burst\":50}},\"middlewares-secure-headers\":{\"headers\":{\"customResponseHeaders\":{\"X-Robots-Tag\":\"none,noarchive,nosnippet,notranslate,noimageindex,\",\"server\":\"\"},\"accessControlAllowMethods\":[\"GET\",\"OPTIONS\",\"PUT\"],\"accessControlMaxAge\":100,\"hostsProxyHeaders\":[\"X-Forwarded-Host\"],\"sslRedirect\":true,\"stsSeconds\":63072000,\"stsIncludeSubdomains\":true,\"stsPreload\":true,\"forceSTSHeader\":true,\"customFrameOptionsValue\":\"allow-from https:$BASEDOMAIN\",\"contentTypeNosniff\":true,\"browserXssFilter\":true,\"referrerPolicy\":\"same-origin\",\"featurePolicy\":\"camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';\"}}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=file
2022-05-25T10:08:47.131192205Z time="2022-05-25T10:08:47Z" level=debug msg="No ACME certificate generation required for domains [\"omv.mydomain.tld\"]." routerName=omv@file rule="Host(`omv.mydomain.tld`)" providerName=dns-cloudflare.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory"
2022-05-25T10:08:47.131172064Z time="2022-05-25T10:08:47Z" level=debug msg="Looking for provided certificate(s) to validate [\"omv.mydomain.tld\"]..." ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=omv@file rule="Host(`omv.mydomain.tld`)" providerName=dns-cloudflare.acme
2022-05-25T10:08:47.130963200Z time="2022-05-25T10:08:47Z" level=debug msg="Try to challenge certificate for domain [omv.mydomain.tld] found in HostSNI rule" ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=omv@file rule="Host(`omv.mydomain.tld`)" providerName=dns-cloudflare.acme
2022-05-25T10:08:47.130768433Z time="2022-05-25T10:08:47Z" level=debug msg="Adding route for omv.mydomain.tld with TLS options default" entryPointName=https
2022-05-25T10:08:47.129265628Z time="2022-05-25T10:08:47Z" level=debug msg="Added outgoing tracing middleware omv" middlewareName=tracing middlewareType=TracingForwarder entryPointName=https routerName=omv@file
2022-05-25T10:08:47.129220278Z time="2022-05-25T10:08:47Z" level=debug msg="Creating server 0 http://192.168.1.103" serviceName=omv serverName=0 entryPointName=https routerName=omv@file
2022-05-25T10:08:47.129062555Z time="2022-05-25T10:08:47Z" level=debug msg="Creating load-balancer" entryPointName=https routerName=omv@file serviceName=omv
2022-05-25T10:08:47.129051885Z time="2022-05-25T10:08:47Z" level=debug msg="Creating middleware" routerName=omv@file serviceName=omv middlewareType=Pipelining middlewareName=pipelining entryPointName=https
2022-05-25T10:08:47.127571475Z time="2022-05-25T10:08:47Z" level=debug msg="Adding certificate for domain(s) omv.mydomain.tld"
2022-05-25T10:08:45.849605340Z time="2022-05-25T10:08:45Z" level=debug msg="Adding certificate for domain(s) omv.mydomain.tld"
2022-05-25T10:08:44.745610656Z time="2022-05-25T10:08:44Z" level=debug msg="Configuration received from provider file: {\"http\":{\"routers\":{\"omv\":{\"entryPoints\":[\"https\"],\"service\":\"omv\",\"rule\":\"Host(`omv.mydomain.tld`)\",\"tls\":{\"certResolver\":\"dns-cloudflare\"}}},\"services\":{\"omv\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://192.168.1.103\"}],\"passHostHeader\":false}}},\"middlewares\":{\"chain-core-security\":{\"chain\":{\"middlewares\":[\"middlewares-rate-limit\",\"middlewares-secure-headers\"]}},\"middlewares-basic-auth\":{\"basicAuth\":{\"usersFile\":\"/shared/.htpasswd\",\"realm\":\"Traefik2 Basic Auth\"}},\"middlewares-rate-limit\":{\"rateLimit\":{\"average\":100,\"period\":\"1s\",\"burst\":50}},\"middlewares-secure-headers\":{\"headers\":{\"customResponseHeaders\":{\"X-Robots-Tag\":\"none,noarchive,nosnippet,notranslate,noimageindex,\",\"server\":\"\"},\"accessControlAllowMethods\":[\"GET\",\"OPTIONS\",\"PUT\"],\"accessControlMaxAge\":100,\"hostsProxyHeaders\":[\"X-Forwarded-Host\"],\"sslRedirect\":true,\"stsSeconds\":63072000,\"stsIncludeSubdomains\":true,\"stsPreload\":true,\"forceSTSHeader\":true,\"customFrameOptionsValue\":\"allow-from https:$BASEDOMAIN\",\"contentTypeNosniff\":true,\"browserXssFilter\":true,\"referrerPolicy\":\"same-origin\",\"featurePolicy\":\"camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';\"}}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=file
Any ideas what I'm missing or doing wrong?