Hi all!
I'm completely new to Traefik. I want to reach the docker containers via https with my own wildcard-certificate, unfortunately without success. As template I used the following config-files (based on letsencrypt) as these are very close to what I want to achieve:
As soon as I open the following url's via browser, I get a blank page with '404 page not found' error:
https://traefik.vm-ubuntu-docker/
https://portainer.vm-ubuntu-docker/
The certificate is at least loaded each time.
All containers are in the same network, which I created by 'docker network create proxy'.
At the time I start the containers (docker-compose up) and at the time I try to open the url's I get no log-output besides:
time="2021-11-17T00:23:52+01:00" level=info msg="Configuration loaded from file: /traefik.yml"
I have now spent a few hours with it and have played through a number of variants but always without success, here is my final adapted configuration:
docker-compose.yml
version: "3"
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /docker/etc/traefik/traefik.yml:/traefik.yml:ro
- /docker/etc/traefik/configurations:/configurations:ro
- /docker/etc/certs:/etc/certs:ro
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.traefik-secure.entrypoints=websecure"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.vm-ubuntu-docker`)"
- "traefik.http.routers.traefik-secure.middlewares=user-auth@file"
- "traefik.http.routers.traefik-secure.service=api@internal"
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /docker/home/portainer:/data
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.portainer-secure.entrypoints=websecure"
- "traefik.http.routers.portainer-secure.rule=Host(`portainer.vm-ubuntu-docker`)"
- "traefik.http.routers.portainer-secure.service=portainer"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
networks:
proxy:
external: true
traefik.yml
api:
dashboard: true
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ":443"
http:
middlewares:
- secureHeaders@file
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
filename: /configurations/dynamic.yml
dynamic.yml
# Dynamic configuration
http:
middlewares:
secureHeaders:
headers:
sslRedirect: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 31536000
user-auth:
basicAuth:
users:
- "admin:$apr.................................uuM."
tls:
certificates:
- certFile: /etc/certs/cert.crt
keyFile: /etc/certs/cert.key
options:
default:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Can someone help me to find the error or the cause? I'm really desperate.