boldt
October 27, 2019, 8:59am
1
I followed the quick start guide with a basic traefik.toml
(Traefik version 2.0.2):
1) traefik.toml
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[api]
dashboard = true
insecure = true
[providers.docker]
2) docker-compose.yml
version: "3.7"
services:
traefik:
image: traefik
ports:
- "8080:8080"
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- "$PWD/traefik.toml:/etc/traefik/traefik.toml"
whoami:
image: containous/whoami
labels:
- "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
Test 1: The call of the HTTP endpoint:
$ curl -H Host:whoami.docker.localhost http://127.0.0.1
Hostname: aa6bfee60f2d
IP: 127.0.0.1
IP: 172.29.0.4
Test 2: The call of the HTTPS endpoint:
curl --insecure -H Host:whoami.docker.localhost https://127.0.0.1
404 page not found
The issue : Call of the HTTPS returns 404 page not found :
The full (not working) MWE can be found here: https://github.com/boldt/traefik-v2-mwe/
How can I get the HTTPS-endpoint working with Traefik v2? What do I miss?
1 Like
ldez
October 27, 2019, 10:12am
2
Hello,
as the TLS part is on the router, you have to create a router for the TLS route.
example 1 (two routers):
version: "3.7"
services:
traefik:
image: traefik:v2.0.2
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --api.insecure=true
ports:
- "8080:8080"
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# - "$PWD/traefik.toml:/etc/traefik/traefik.toml"
whoami:
image: containous/whoami
labels:
- "traefik.http.routers.whoami_http.rule=Host(`whoami.docker.localhost`)"
- "traefik.http.routers.whoami_http.entrypoints=web"
- "traefik.http.routers.whoami_http.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.tls=true"
example 2 (global redirect):
version: "3.7"
services:
traefik:
image: traefik:v2.0.2
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --api.insecure=true
ports:
- "8080:8080"
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# - "$PWD/traefik.toml:/etc/traefik/traefik.toml"
labels:
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
whoami:
image: containous/whoami
labels:
- "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.tls=true"
Recommended readings:
1 Like
boldt
October 27, 2019, 1:17pm
3
ldez:
example 2 (global redirect):
version: "3.7"
services:
traefik:
image: traefik:v2.0.2
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --api.insecure=true
ports:
- "8080:8080"
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# - "$PWD/traefik.toml:/etc/traefik/traefik.toml"
labels:
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
whoami:
image: containous/whoami
labels:
- "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.tls=true"
Recommended readings:
This works well. Thanks for the correct pointer!
Hi! I tried your exact docker compose file but I get a 'your connection to this site is insecure' and when I accept that message it leads to a 404. What could be the issue?
Edit: I did the example 2 (global redirect) code.