Not sure if this is a bug as I'm new to Traefik, so I thought I'd check here. In the blog post that details global http to https redirection, there is a linked docker-compose.yml
file that seems to work (with the default self-signed Traefik certificate since I haven't set up letsencrypt). However, when I change it by adding - --providers.docker.exposedbydefault=false
under command
and - "traefik.enable=true"
under labels
in my-app
, I get a 404 when visiting http://whoami.docker.localhost
(instead of a 302).
Can anyone else confirm this? Is this supposed to happen?
Edit: the full version of the modified docker-compose.yml
is below.
Expected behaviour: visiting http://whoami.docker.localhost
produces a 302 redirect to https://whoami.docker.localhost
Observed behaviour: visiting http://whoami.docker.localhost
produces a 404 error code.
version: "3.3"
services:
traefik:
image: "traefik:v2.0.0"
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --providers.docker.exposedbydefault=false
- --api
- --certificatesresolvers.leresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.leresolver.acme.email=your@email.com
- --certificatesresolvers.leresolver.acme.storage=/acme.json
- --certificatesresolvers.leresolver.acme.tlschallenge=true
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
my-app:
image: containous/whoami:v1.3.0
labels:
- "traefik.enable=true"
- "traefik.http.routers.my-app.rule=Host(`whoami.docker.localhost`)"
- "traefik.http.routers.my-app.middlewares=auth"
- "traefik.http.routers.my-app.entrypoints=websecure"
- "traefik.http.routers.my-app.tls=true"
- "traefik.http.routers.my-app.tls.certresolver=leresolver"
- "traefik.http.middlewares.auth.basicauth.users=user:$$apr1$$q8eZFHjF$$Fvmkk//V6Btlaf2i/ju5n/" # user/password