I read the blog post about the 2.2 release containing default http redirection settings. That is awesome, and I've been waiting for that for a while. However, the blog post's example with random "foobar"s everywhere was just confusing for me and didn't help me understand how to use this.
The only other documentation I've seen is this: https://docs.traefik.io/v2.2/routing/entrypoints/#redirection
I've added that to my traefik.toml, but when I try loading an http page it just doesn't load. Traefik doesn't log any error messages either.
What am I missing?
My traefik.toml:
[api]
dashboard = true
[providers.file]
watch = true
directory = "/configuration/"
[providers.docker]
exposedByDefault = false
network = "my_proj_nw"
[entryPoints.web]
address = ":80"
[entrypoints.websecure]
address = ":443"
[entryPoints.web.http]
[entryPoints.web.http.redirections]
[entryPoints.web.http.redirections.entryPoint]
to = "websecure"
scheme = "https"
config.toml:
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "/certs/myproj_root.crt"
keyFile = "/certs/myproj_root.key"
Example docker service:
...
labels:
- traefik.enable=true
- traefik.tcp.routers.frontend.entrypoints=websecure
- traefik.tcp.routers.frontend.rule=HostSNI(`myproj.whatever)
- traefik.tcp.services.frontend.loadbalancer.server.port=443
- traefik.tcp.routers.frontend.tls.passthrough=true
ldez
April 7, 2020, 3:46pm
2
Hello,
the http.redirections works only with HTTP and not with TCP.
Okay, so I modified my docker-compose service to look like this:
labels:
- traefik.enable=true
- traefik.http.routers.frontend-insecure.entrypoints=web
- traefik.http.routers.frontend-insecure.rule=Host(`myproj.whatever`)
- traefik.tcp.routers.frontend.entrypoints=websecure
- traefik.tcp.routers.frontend.rule=HostSNI(`myproj.whatever`)
- traefik.tcp.services.frontend.loadbalancer.server.port=443
- traefik.tcp.routers.frontend.tls.passthrough=true
and it still isn't working. Is there a working example config I can look at for this?
ldez
April 7, 2020, 3:56pm
4
labels:
- traefik.enable=true
- traefik.http.routers.frontend.rule=Host(`myproj.whatever`)
- traefik.http.routers.frontend.entrypoints=websecure
- traefik.http.routers.frontend.tls=true
Do I add that to my existing config? Or replace it? I'm not able to use TLS passthrough then?
I've tried both adding this and replacing my existing config labels with this and cannot get anything to work.
ldez
April 8, 2020, 11:26pm
7
A full working example:
version: '3.7'
services:
traefik:
image: traefik:v2.2.0
command:
- --api
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.websecure.address=:443
- --entrypoints.websecure.http.tls=true
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
labels:
traefik.enable: true
# Dashboard
traefik.http.routers.traefik.rule: Host(`traefik.localhost`)
traefik.http.routers.traefik.entrypoints: websecure
traefik.http.routers.traefik.service: api@internal
whoami:
image: containous/whoami:v1.5.0
command:
- --name=🧀
labels:
traefik.enable: true
traefik.http.routers.app.rule: Host(`whoami.localhost`)
traefik.http.routers.app.entrypoints: websecure
traefik.http.routers.app.middlewares: auth
traefik.http.middlewares.auth.basicauth.users: user:$$apr1$$q8eZFHjF$$Fvmkk//V6Btlaf2i/ju5n/ # user/password
So will this just not work for me then since I am using TLS passthrough? My project is set up using tcp instead of http because I am using TLS passthrough.
Is there a way to use this without having to add
traefik.http.routers.app.entrypoints: websecure
to every single container?