Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

traefik v2 RedirectScheme to HTTPS in Docker Provider does not redirect #4688

Closed
Zaxim opened this issue Mar 28, 2019 · 10 comments

Comments

@Zaxim
Copy link

commented Mar 28, 2019

Do you want to request a feature or report a bug?

Bug

What did you do?

I created a traefik.toml file below

[global]
  sendAnonymousUsage = false
  logLevel = "DEBUG" #DEBUG, INFO, WARN, ERROR, FATAL, PANIC
  debug = true

[entrypoints]
  [entrypoints.http]
    address = ":80"

  [entrypoints.https]
    address = ":443"

[providers]

  [providers.docker]
    # Connection to docker host system (docker.sock)
    endpoint = "unix:///var/run/docker.sock"
    watch = true
    # This will hide all docker containers that don't have explicitly  
    # set label to "enable"
    exposedbydefault = false
    #network = "traefik_proxy"

[api]

and I created a docker-compose file below

version: "3.6"
services:

  traefik:
    image: traefik:2.0.0-alpha2 # The official v2.0 Traefik docker image
    container_name: traefik
    restart: always
    networks:
      - default
      - traefik_proxy
    ports:
      - "80:80"     # The HTTP port
      - "443:443"     # The HTTPS port
    environment:
      - CF_API_EMAIL=${CLOUDFLARE_EMAIL}
      - CF_API_KEY=${CLOUDFLARE_API_KEY}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik1_router.rule=Host(`traefik.${DOMAINNAME}`)"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik1_router.middlewares=https_redirect"
      - "traefik.http.routers.traefik1_router.tls"
      - "traefik.http.services.traefik1_service.loadbalancer.server.port=8080"
    volumes:
      - ${DOCKER_SOCK}:/var/run/docker.sock:ro # So that Traefik can listen to the Docker events
      - ./traefik/docker-config/etc/traefik:/etc/traefik
      - ./docker-shared:/shared

networks:
  traefik_proxy:
    external:
      name: traefik_proxy
  default:
    driver: bridge

Run docker-compose up

Navigate to http://traefik.example.com

What did you expect to see?

I expected the browser to redirect to https://traefik.example.com and the traefik dashboard placeholder page to load.

What did you see instead?

I received a 404 page not found

$ curl -v traefik.example.com
* Expire in 0 ms for 6 (transfer 0x55ed8718b2f0)
*   Trying 192.168.2.5...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55ed8718b2f0)
* Connected to <SNIPPED> (192.168.2.5) port 80 (#0)
> GET / HTTP/1.1
> Host: <SNIPPED>
> User-Agent: curl/7.64.0
> Accept: */*
> 
< HTTP/1.1 404 Not Found
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Thu, 28 Mar 2019 18:48:09 GMT
< Content-Length: 19
< 
404 page not found
* Connection #0 to host <SNIPPED> left intact

If I navigate directly to https://traefik.example.com, the dashboard page does load properly.

Output of traefik version: (What version of Traefik are you using?)

Version:      2.0.0-alpha2
Codename:     faisselle
Go version:   go1.12.1
Built:        2019-03-19T18:44:59Z
OS/Arch:      linux/amd64

If applicable, please paste the log output in DEBUG level (--logLevel=DEBUG switch)

Attaching to traefik                                                                                                                                                         traefik    | time="2019-03-28T19:14:53Z" level=info msg="Using TOML configuration file /etc/traefik/traefik.toml"                                                            
traefik    | time="2019-03-28T19:14:53Z" level=info msg="Traefik version 2.0.0-alpha2 built on 2019-03-19T18:44:59Z"                                                         traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Static configuration loaded {\"Global\":{\"Debug\":true,\"CheckNewVersion\":false,\"SendAnonymousUsage\":false},\"S
erversTransport\":{\"InsecureSkipVerify\":false,\"RootCAs\":null,\"MaxIdleConnsPerHost\":200,\"ForwardingTimeouts\":null},\"EntryPoints\":{\"http\":{\"Address\":\":80\",\"Transport\":{\"LifeCycle\":{\"RequestAcceptGraceTimeout\":0,\"GraceTimeOut\":10000000000},\"RespondingTimeouts\":{\"ReadTimeout\":0,\"WriteTimeout\":0,\"IdleTimeout\":18000000
0000}},\"ProxyProtocol\":null,\"ForwardedHeaders\":{\"Insecure\":false,\"TrustedIPs\":null}},\"https\":{\"Address\":\":443\",\"Transport\":{\"LifeCycle\":{\"RequestAcceptGra
ceTimeout\":0,\"GraceTimeOut\":10000000000},\"RespondingTimeouts\":{\"ReadTimeout\":0,\"WriteTimeout\":0,\"IdleTimeout\":180000000000}},\"ProxyProtocol\":null,\"ForwardedHea
ders\":{\"Insecure\":false,\"TrustedIPs\":null}},\"traefik\":{\"Address\":\":8080\",\"Transport\":{\"LifeCycle\":{\"RequestAcceptGraceTimeout\":0,\"GraceTimeOut\":1000000000
0},\"RespondingTimeouts\":{\"ReadTimeout\":0,\"WriteTimeout\":0,\"IdleTimeout\":180000000000}},\"ProxyProtocol\":null,\"ForwardedHeaders\":{\"Insecure\":false,\"TrustedIPs\"
:null}}},\"Providers\":{\"ProvidersThrottleDuration\":0,\"Docker\":{\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"DebugLogGeneratedTemplate\":false
,\"Endpoint\":\"unix:///var/run/docker.sock\",\"DefaultRule\":\"Host(`{{ normalize .Name }}`)\",\"TLS\":null,\"ExposedByDefault\":false,\"UseBindPortIP\":false,\"SwarmMode\"
:false,\"Network\":\"\",\"SwarmModeRefreshSeconds\":15},\"File\":{\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"DebugLogGeneratedTemplate\":false,\
"Directory\":\"\",\"TraefikFile\":\"/etc/traefik/traefik.toml\"},\"Marathon\":null,\"Kubernetes\":null,\"KubernetesCRD\":null,\"Rest\":null},\"API\":{\"EntryPoint\":\"traefi
k\",\"Dashboard\":true,\"Statistics\":null,\"Middlewares\":null},\"Metrics\":null,\"Ping\":null,\"Log\":null,\"AccessLog\":null,\"Tracing\":null,\"HostResolver\":null,\"ACME
\":{\"Email\":\"<SNIPPED>@yahoo.com\",\"ACMELogging\":true,\"CAServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"Storage\":\"/etc/traefik/acme/acme.json\",\"Entry
Point\":\"\",\"KeyType\":\"\",\"OnHostRule\":false,\"DNSChallenge\":{\"Provider\":\"cloudflare\",\"DelayBeforeCheck\":0,\"Resolvers\":null,\"DisablePropagationCheck\":false}
,\"HTTPChallenge\":null,\"TLSChallenge\":null,\"Domains\":[{\"Main\":\"*.example.com\",\"SANs\":[\"example.com\"]}]}}"
traefik    | time="2019-03-28T19:14:53Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc
s.traefik.io/basics/#collected-data\n"
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="No default certificate, generate one"
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Start TCP Server" entryPointName=http
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Start TCP Server" entryPointName=traefik
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Start TCP Server" entryPointName=https
traefik    | time="2019-03-28T19:14:53Z" level=info msg="Starting provider aggregator.ProviderAggregator {}"
traefik    | time="2019-03-28T19:14:53Z" level=info msg="Starting provider *file.Provider {\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"DebugLogGe
neratedTemplate\":false,\"Directory\":\"\",\"TraefikFile\":\"/etc/traefik/traefik.toml\"}"
traefik    | time="2019-03-28T19:14:53Z" level=info msg="Starting provider *docker.Provider {\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\[12/3990]
GeneratedTemplate\":false,\"Endpoint\":\"unix:///var/run/docker.sock\",\"DefaultRule\":\"Host(`{{ normalize .Name }}`)\",\"TLS\":null,\"ExposedByDefault\":false,\"UseBindPor
tIP\":false,\"SwarmMode\":false,\"Network\":\"\",\"SwarmModeRefreshSeconds\":15}"
traefik    | time="2019-03-28T19:14:53Z" level=info msg="Starting provider *acme.Provider {\"Email\":\"<SNIPPED>@yahoo.com\",\"ACMELogging\":true,\"CAServer\":\"https://acme-
v02.api.letsencrypt.org/directory\",\"Storage\":\"/etc/traefik/acme/acme.json\",\"EntryPoint\":\"\",\"KeyType\":\"\",\"OnHostRule\":false,\"DNSChallenge\":{\"Provider\":\"cl
oudflare\",\"DelayBeforeCheck\":0,\"Resolvers\":null,\"DisablePropagationCheck\":false},\"HTTPChallenge\":null,\"TLSChallenge\":null,\"Domains\":[{\"Main\":\"*.example.com\",\"SANs\":[\"example.com\"]}],\"Store\":{}}"
traefik    | time="2019-03-28T19:14:53Z" level=info msg="Testing certificate renew..." providerName=acme
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Looking for provided certificate(s) to validate [\"*.example.com\" \"example.com\"]..." provi
derName=acme
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="No ACME certificate generation required for domains [\"*.example.com\" \"example.com\"]." pro
viderName=acme
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Configuration received from provider file: {\"HTTP\":{\"middlewares\":{\"redirectSSL\":{\"redirectscheme\":{\"schem
e\":\"https\",\"port\":\"443\"}}}},\"TCP\":{},\"TLSOptions\":{},\"TLSStores\":{}}" providerName=file
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Configuration received from provider ACME: {\"HTTP\":{},\"TCP\":null,\"TLSOptions\":null,\"TLSStores\":null}" provi
derName=ACME
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="No default certificate, generate one"
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Provider connection established with docker 18.09.3 (API 1.39)" providerName=docker
traefik    | time="2019-03-28T19:14:53Z" level=debug msg="Configuration received from provider docker: {\"HTTP\":{\"routers\":{\"traefik1_router\":{\"entryPoints\":null,\"mi
ddlewares\":[\"https_redirect\"],\"service\":\"traefik1_service\",\"rule\":\"Host(`traefik.example.com`)\",\"tls\":{}}},\"middlewares\":{\"https_redirect\":{\"red
irectscheme\":{\"scheme\":\"https\"}}},\"services\":{\"traefik1_service\":{\"loadbalancer\":{\"servers\":[{\"url\":\"http://172.28.0.2:8080\",\"weight\":1}],\"method\":\"wrr
\",\"passHostHeader\":true}}}},\"TCP\":{},\"TLSOptions\":null,\"TLSStores\":null}" providerName=docker
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="No store is defined to add the certificate MIIGgTCCBWmgAwIBAgISA/H4XldVQmqr0y+HlNdLZfpbMA0GCS, it will be added to
the default store."
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Add certificate for domains *.example.com,example.com"
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="No default certificate, generate one"
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Add certificate for domains *.example.com,example.com"
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="No default certificate, generate one"
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Creating middleware" serviceName=traefik1_service routerName=docker.traefik1_router entryPointName=http middlewareN
ame=pipelining middlewareType=Pipelining
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Creating wrr load-balancer" routerName=docker.traefik1_router entryPointName=http serviceName=traefik1_service
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Creating server 0 at http://172.28.0.2:8080 with weight 1" entryPointName=http serviceName=traefik1_service routerN
ame=docker.traefik1_router serverName=0
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Added outgoing tracing middleware traefik1_service" routerName=docker.traefik1_router middlewareType=TracingForward
er middlewareName=tracing entryPointName=http
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Creating middleware" entryPointName=http middlewareType=RedirectScheme routerName=docker.traefik1_router middleware
Name=docker.https_redirect
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Setting up redirection to https " middlewareType=RedirectScheme routerName=docker.traefik1_router middlewareName=do
cker.https_redirect entryPointName=http
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Adding tracing to middleware" routerName=docker.traefik1_router entryPointName=http middlewareName=docker.https_red
irect
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery
traefik    | time="2019-03-28T19:14:54Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery

@cypx

This comment has been minimized.

Copy link

commented Mar 28, 2019

I encounter the same issue when I try to use TLS enabled router on HTTP entrypoint.
Not sure about the reasons but I'm unable to use the same router for HTTP and HTTPS

Maybe not the best way but I use two different routers to fix this, so you can try with

version: "3.6"
services:

  traefik:
    image: traefik:2.0.0-alpha2 # The official v2.0 Traefik docker image
    container_name: traefik
    restart: always
    networks:
      - default
      - traefik_proxy
    ports:
      - "80:80"     # The HTTP port
      - "443:443"     # The HTTPS port
    environment:
      - CF_API_EMAIL=${CLOUDFLARE_EMAIL}
      - CF_API_KEY=${CLOUDFLARE_API_KEY}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik1_router.rule=Host(`traefik.${DOMAINNAME}`)"
      - "traefik.http.routers.traefik1_router.entryPoints=http"
      - "traefik.http.routers.traefik1_router.middlewares=https_redirect"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik1_tls_router.rule=Host(`traefik.${DOMAINNAME}`)"
      - "traefik.http.routers.traefik1_tls_router.entryPoints=https"
      - "traefik.http.routers.traefik1_tls_router.tls"
      - "traefik.http.services.traefik1-tls_service.loadbalancer.server.port=8080"
    volumes:
      - ${DOCKER_SOCK}:/var/run/docker.sock:ro # So that Traefik can listen to the Docker events
      - ./traefik/docker-config/etc/traefik:/etc/traefik
      - ./docker-shared:/shared

networks:
  traefik_proxy:
    external:
      name: traefik_proxy
  default:
    driver: bridge
@Zaxim

This comment has been minimized.

Copy link
Author

commented Mar 28, 2019

Thanks @cypx. I think I figured it out about the same time you posted.

I ended up getting it to work with this docker-compose file

version: "3.6"
services:

  traefik:
    image: traefik:2.0.0-alpha2 # The official v2.0 Traefik docker image
    container_name: traefik
    restart: always
    networks:
      - default
      - traefik_proxy
    ports:
      - "80:80"     # The HTTP port
      - "443:443"     # The HTTPS port
    environment:
      - CF_API_EMAIL=${CLOUDFLARE_EMAIL}
      - CF_API_KEY=${CLOUDFLARE_API_KEY}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik1_router_http.rule=Host(`traefik.${DOMAINNAME}`)"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik1_router_http.middlewares=https_redirect"
      - "traefik.http.routers.traefik1_router_https.rule=Host(`traefik.${DOMAINNAME}`)"
      - "traefik.http.routers.traefik1_router_https.tls"
      - "traefik.http.services.traefik1_service.loadbalancer.server.port=8080"
    volumes:
      - ${DOCKER_SOCK}:/var/run/docker.sock:ro # So that Traefik can listen to the Docker events
      - ./traefik/docker-config/etc/traefik:/etc/traefik
      - ./docker-shared:/shared

The hint that I needed was in the docs under Routers:TLS and the Routers for HTTP & HTTPS section that states:

If you need to define the same route for both HTTP and HTTPS requests, you will need to define two different routers: one with the tls section, one without.

This seems kind of silly and overly verbose. traefik v1 allowed you to easily defined a redirect in the entrypoint section. Now we need double the number of labels for every service defined in the docker-compose.

@cypx

This comment has been minimized.

Copy link

commented Mar 28, 2019

Thank for explanation @Zaxim, I assume something like but do not find the right part of the doc.

The label number increase is a bit embarrassing but probably necessary to manage all new features.

@ldez

This comment has been minimized.

Copy link
Member

commented Mar 28, 2019

to enable TLS, the syntax is:

 - "traefik.http.routers.traefik1_router.tls=true"

The following syntax is not valid:

 - "traefik.http.routers.traefik1_router.tls"
@ldez

This comment has been minimized.

Copy link
Member

commented Mar 28, 2019

also note that the log level must be define in the section [log] and not in the section [global]

https://docs.traefik.io/v2.0/observability/logs/#loglevel

@Zaxim

This comment has been minimized.

Copy link
Author

commented Mar 28, 2019

Thanks for the clarifications @ldez. Do we have an example traefik.toml file for v2? It's difficult to figure out the different sections for that file as it's broken up in a lot of places in the docs.

@ldez

This comment has been minimized.

Copy link
Member

commented Mar 29, 2019

https://github.com/containous/traefik/blob/v2.0/traefik.sample.toml

[Global]
  Debug = true
  CheckNewVersion = true
  SendAnonymousUsage = true

[ServersTransport]
  InsecureSkipVerify = true
  RootCAs = ["foobar", "foobar"]
  MaxIdleConnsPerHost = 42
  [ServersTransport.ForwardingTimeouts]
    DialTimeout = 42
    ResponseHeaderTimeout = 42

[EntryPoints]
  [EntryPoints.EntryPoint0]
    Address = "foobar"
    [EntryPoints.EntryPoint0.Transport]
      [EntryPoints.EntryPoint0.Transport.LifeCycle]
        RequestAcceptGraceTimeout = 42
        GraceTimeOut = 42
      [EntryPoints.EntryPoint0.Transport.RespondingTimeouts]
        ReadTimeout = 42
        WriteTimeout = 42
        IdleTimeout = 42
    [EntryPoints.EntryPoint0.ProxyProtocol]
      Insecure = true
      TrustedIPs = ["foobar", "foobar"]
    [EntryPoints.EntryPoint0.ForwardedHeaders]
      Insecure = true
      TrustedIPs = ["foobar", "foobar"]
  [EntryPoints.EntryPoint1]
    Address = "foobar"
    [EntryPoints.EntryPoint1.Transport]
      [EntryPoints.EntryPoint1.Transport.LifeCycle]
        RequestAcceptGraceTimeout = 42
        GraceTimeOut = 42
      [EntryPoints.EntryPoint1.Transport.RespondingTimeouts]
        ReadTimeout = 42
        WriteTimeout = 42
        IdleTimeout = 42
    [EntryPoints.EntryPoint1.ProxyProtocol]
      Insecure = true
      TrustedIPs = ["foobar", "foobar"]
    [EntryPoints.EntryPoint1.ForwardedHeaders]
      Insecure = true
      TrustedIPs = ["foobar", "foobar"]

[Providers]
  ProvidersThrottleDuration = 42
  [Providers.Docker]
    Watch = true
    Endpoint = "foobar"
    DefaultRule = "foobar"
    ExposedByDefault = true
    UseBindPortIP = true
    SwarmMode = true
    Network = "foobar"
    SwarmModeRefreshSeconds = 42

    [[Providers.Docker.Constraints]]
      Key = "foobar"
      MustMatch = true
      Regex = "foobar"

    [[Providers.Docker.Constraints]]
      Key = "foobar"
      MustMatch = true
      Regex = "foobar"
    [Providers.Docker.TLS]
      CA = "foobar"
      CAOptional = true
      Cert = "foobar"
      Key = "foobar"
      InsecureSkipVerify = true
  [Providers.File]
    Directory = "foobar"
    Watch = true
    Filename = "foobar"
    DebugLogGeneratedTemplate = true
    TraefikFile = "foobar"
  [Providers.Marathon]
    Trace = true
    Watch = true
    Endpoint = "foobar"
    DefaultRule = "foobar"
    ExposedByDefault = true
    DCOSToken = "foobar"
    FilterMarathonConstraints = true
    DialerTimeout = 42
    ResponseHeaderTimeout = 42
    TLSHandshakeTimeout = 42
    KeepAlive = 42
    ForceTaskHostname = true
    RespectReadinessChecks = true

    [[Providers.Marathon.Constraints]]
      Key = "foobar"
      MustMatch = true
      Regex = "foobar"

    [[Providers.Marathon.Constraints]]
      Key = "foobar"
      MustMatch = true
      Regex = "foobar"
    [Providers.Marathon.TLS]
      CA = "foobar"
      CAOptional = true
      Cert = "foobar"
      Key = "foobar"
      InsecureSkipVerify = true
    [Providers.Marathon.Basic]
      HTTPBasicAuthUser = "foobar"
      HTTPBasicPassword = "foobar"
  [Providers.Kubernetes]
    Endpoint = "foobar"
    Token = "foobar"
    CertAuthFilePath = "foobar"
    DisablePassHostHeaders = true
    Namespaces = ["foobar", "foobar"]
    LabelSelector = "foobar"
    IngressClass = "foobar"
    [Providers.Kubernetes.IngressEndpoint]
      IP = "foobar"
      Hostname = "foobar"
      PublishedService = "foobar"
  [Providers.KubernetesCRD]
    Endpoint = "foobar"
    Token = "foobar"
    CertAuthFilePath = "foobar"
    DisablePassHostHeaders = true
    Namespaces = ["foobar", "foobar"]
    LabelSelector = "foobar"
    IngressClass = "foobar"
  [Providers.Rest]
    EntryPoint = "foobar"

[API]
  EntryPoint = "foobar"
  Dashboard = true
  Middlewares = ["foobar", "foobar"]
  [API.Statistics]
    RecentErrors = 42

[Metrics]
  [Metrics.Prometheus]
    Buckets = [42.0, 42.0]
    EntryPoint = "foobar"
    Middlewares = ["foobar", "foobar"]
  [Metrics.Datadog]
    Address = "foobar"
    PushInterval = "foobar"
  [Metrics.StatsD]
    Address = "foobar"
    PushInterval = "foobar"
  [Metrics.InfluxDB]
    Address = "foobar"
    Protocol = "foobar"
    PushInterval = "foobar"
    Database = "foobar"
    RetentionPolicy = "foobar"
    Username = "foobar"
    Password = "foobar"

[Ping]
  EntryPoint = "foobar"
  Middlewares = ["foobar", "foobar"]

[Log]
  LogLevel = "foobar"
  FilePath = "foobar"
  Format = "foobar"

[AccessLog]
  FilePath = "foobar"
  Format = "foobar"
  BufferingSize = 42
  [AccessLog.Filters]
    StatusCodes = ["foobar", "foobar"]
    RetryAttempts = true
    MinDuration = 42
  [AccessLog.Fields]
    DefaultMode = "foobar"
    [AccessLog.Fields.Names]
      name0 = "foobar"
      name1 = "foobar"
    [AccessLog.Fields.Headers]
      DefaultMode = "foobar"
      [AccessLog.Fields.Headers.Names]
        name0 = "foobar"
        name1 = "foobar"

[Tracing]
  Backend = "foobar"
  ServiceName = "foobar"
  SpanNameLimit = 42
  [Tracing.Jaeger]
    SamplingServerURL = "foobar"
    SamplingType = "foobar"
    SamplingParam = 42.0
    LocalAgentHostPort = "foobar"
    Gen128Bit = true
    Propagation = "foobar"
    TraceContextHeaderName = "foobar"
  [Tracing.Zipkin]
    HTTPEndpoint = "foobar"
    SameSpan = true
    ID128Bit = true
    Debug = true
    SampleRate = 42.0
  [Tracing.DataDog]
    LocalAgentHostPort = "foobar"
    GlobalTag = "foobar"
    Debug = true
    PrioritySampling = true
  [Tracing.Instana]
    LocalAgentHost = "foobar"
    LocalAgentPort = 42
    LogLevel = "foobar"

[HostResolver]
  CnameFlattening = true
  ResolvConfig = "foobar"
  ResolvDepth = 42

[ACME]
  Email = "foobar"
  ACMELogging = true
  CAServer = "foobar"
  Storage = "foobar"
  EntryPoint = "foobar"
  KeyType = "foobar"
  OnHostRule = true
  [ACME.DNSChallenge]
    Provider = "foobar"
    DelayBeforeCheck = 42
    Resolvers = ["foobar", "foobar"]
    DisablePropagationCheck = true
  [ACME.HTTPChallenge]
    EntryPoint = "foobar"
  [ACME.TLSChallenge]

  [[ACME.Domains]]
    Main = "foobar"
    SANs = ["foobar", "foobar"]

  [[ACME.Domains]]
    Main = "foobar"
    SANs = ["foobar", "foobar"]
@Zaxim

This comment has been minimized.

Copy link
Author

commented Mar 29, 2019

Much appreciated for everyone's help. Especially, @dtomcej who spent a bunch of time today working with me in Slack and asked me to open the bug report. It doesn't look like this is a bug, and should be closed as working as intended .

@ldez ldez closed this Mar 29, 2019

@dduportal

This comment has been minimized.

Copy link
Contributor

commented Mar 29, 2019

Thanks @Zaxim for this feedback!

@torarnv

This comment has been minimized.

Copy link

commented May 9, 2019

This seems kind of silly and overly verbose. traefik v1 allowed you to easily defined a redirect in the entrypoint section. Now we need double the number of labels for every service defined in the docker-compose.

Agree about this part. Hoping it's something that can be smoothed out down the line. Ideally I'd set up static stuff and defaults in traefik.toml, and then leave the host rule and similar things to the docker labels.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
6 participants
You can’t perform that action at this time.