Redirect to subpath and http to https

Hi,

i know how to redirect every request from http://url.com to https://url.com.

But how do i combine this if i want every request to http://url.com redirected to http://url.com/subpath/.

I tried different sinppets here from the forum but can't get it to work.

Any help is welcome.

Hi @lachnerd

Do you want just the http of http://url.com/ to be redirected or would you want https://url.com/ to be redirected also ?

If it is only http://url.com/ you would want a redirectRegex middleware before the redirectScheme on a router on the http entryPoint.

If you are redirecting everything to https anyway then a route using the https entryPoint and redirectRegex should be sufficient.

The route handling /subpath/ would need to remain at a higher priority then the redirectRegex or you would keep matching the same redirect rule when the client gets redirected.

As you know posting your configuration will help.

Hi @cakiwi,

i want everything redirected to https and one specific host/service to https://url.com/subpath/.

traefik.toml:

[global]
  checkNewVersion = true
[entryPoints]
  [entryPoints.web]
    address = ":80"
  [entryPoints.websecure]
    address = ":443"
  [entryPoints.traefik]
    address = ":8080"
[providers]
  [providers.rancher]
    watch = true
    refreshSeconds = 15
    intervalPoll = false
    exposedByDefault = false
  [providers.file]
    filename = "${config_path}/dynamic_conf.toml"
    watch=true
[api]
  dashboard = true
[certificatesResolvers.aws.acme]
  email = "info@mail.com"
  storage = "${traefik_certs_path}/acme.json"
  [certificatesResolvers.aws.acme.dnsChallenge]
    provider = "route53"
    delayBeforeCheck = 5

dynamic_conf.toml:

# redirect
[http.middlewares]
  [http.middlewares.redirect.redirectscheme]
    scheme = "https"
    permanent = true

 [http.middlewares.url-com-auth.basicAuth]
   #default traefik:traefik, dollar signs escaped with double dollar-signs
   # for generating new basic auth string use 'htpasswd -n -C 5 -B <user>'
   #users = ["BASIC_AUTH"]
   usersFile = "usersfile"

# gzip compression
  [http.middlewares.compress.compress]

traefik labels:

traefik.enable: true 
traefik.http.routers.traefik-web.entrypoints: web
traefik.http.routers.traefik-web.rule: Host(`traefik.url.com`)
traefik.http.routers.traefik-web.middlewares: redirect@file #defined in dynamic_conf.toml
traefik.http.routers.traefik-websecure.entrypoints: websecure
traefik.http.routers.traefik-websecure.tls.certresolver: aws
traefik.http.routers.traefik-websecure.rule: Host(`traefik.url.com`)
traefik.http.routers.traefik-websecure.tls.domains[0].sans: '*.url.com'
traefik.http.routers.traefik-websecure.tls.domains[0].main: 'url.com'
traefik.http.routers.traefik-websecure.service: api@internal
traefik.http.routers.traefik-websecure.middlewares: url-com-auth@file #defined in dynamic_conf.toml
traefik.http.services.traefik-websecure.loadbalancer.server.port: 8080

service labels (that should be redirected to subpath):

traefik.enable: true    
traefik.http.routers.app-web.entrypoints: web
traefik.http.routers.app-web.middlewares: redirect@file #defined in dynamic_conf.toml
traefik.http.routers.app-web.rule: Host(`app.url.com`)
traefik.http.routers.app-websecure.entrypoints: websecure
traefik.http.routers.app-websecure.middlewares: errorhandler@file,compress@file #defined in dynamic_conf.toml
traefik.http.routers.app-websecure.tls: true
traefik.http.services.app-websecure.loadbalancer.server.port: 8080
traefik.http.routers.app-websecure.rule: Host(`app.url.com`)

I thought modifying

traefik.http.routers.app-websecure.rule: Host(`app.url.com`)

to

traefik.http.routers.app-websecure.rule: Host(`app.url.com`) && PathPrefix(`/subpath/`)

Would to the trick, but it only works for https://app.url.com/subpath/ directly opened not for https://app.url.com or http://app.url.com.

So how do i redirect/prioritize a redirection here ?

Robert

First if you are redirecting everything on your web entry point to https may I suggest EntryPoint Redirection and entrypoint TLS (Traefik v2.2). It saves a catchall rule or a rule and middleware per service. I find it a lot cleaner to work with.

I would go about it like:

# This would _only_ match http://app.url.com
traefik.http.routers.app-websecure-redir.rule: Host(`app.url.com`) && Path(`/`)
traefik.http.routers.app-websecure-redir.tls: true
traefik.http.routers.app-websecure-redir.middlewares: app-websecure-redir
traefik.http.middlewares.app-websecure-redir.redirectregex.regex: ".*"
traefik.http.middlewares.app-websecure-redir.redirectregex.replacement: https://app.url.com/subpath/
...
# Your router is here
traefik.http.routers.app-websecure.rule: Host(`app.url.com`) && PathPrefix(`/subpath/`)
...
...

I hope this helps, if there is anything more complex like redirecting anything that does NOT have /subpath/ or requires passing the original path to subpath then the redirectregex can be updated.

As I got to the end of this I thought if your app returns the correct path on the request you could just do an addPrefix.

# This would _only_ match http://app.url.com/
traefik.http.routers.app-websecure-redir.rule: Host(`app.url.com`) && Path(`/`)
traefik.http.routers.app-websecure-redir.tls: true
traefik.http.routers.app-websecure-redir.middlewares: app-websecure-addsub
traefik.http.middlewares.app-websecure-addsub.addPrefix.prefix: /subpath
...
# Your router is here
traefik.http.routers.app-websecure.rule: Host(`app.url.com`) && PathPrefix(`/subpath/`)
...
...

Hi @cakiwi,

thanks a lot i will try that.