Redirect to another entryPoint per frontend #2133
Conversation
SantoDE
force-pushed
the
feature/redirect_per_frontend
branch
from
473a464
to
4e3bee4
Compare
There was a problem hiding this comment.
Hey @SantoDE !
Hum 🤔, I think it would be better to stick with the current behavior and not redefine another way to redirect.
How about using a label traefik.frontend.redirect=https to achieve this ? This would allow to reuse some code ;)
WDYT @containous/traefik ?
|
Hey @emilevauge , |
|
@SantoDE Do you think that you could leverage the Headers middleware to accomplish this? By setting the I am currently implementing the full gamut of options in 2030. Unfortunately, I have been delayed due to school. PR 2146 is attempting to do part of this. @containous/traefik Thoughts? |
|
@dtomcej we would then be doing to different kind of rewrites for the "same" case. The entryPoint https redirect works the same way by utilizing the rewrite middleware. Im personally not bound to either way, but we should use the same in both cases |
|
@SantoDE I don't disagree. Unfortunately we have a bunch of different places to accomplish the same thing. I don't want to duplicate or introduce duplicate code. All the providers have access to invoke the headers middleware, and so might be a clean way to invoke the same functions. Although, we should decide on if that is the way we want to proceed. |
|
An example would be that you introduce an |
|
Would you then move the entryPoint redirect behavior as well? I personally don't like to utilize different rewrites from entryPoint to frontends. @emilevauge halp! :) |
|
Hi @SantoDE @emilevauge! Given that there are still a couple of other features pending for 1.4, do you think this one could also somehow fit the same release? Configrinfg the behavior of https redirects sounds like a great option for many mixed-use environments (especially those serving legacy pre-letsencrypt stuff). Agree with @SantoDE that the PR will close #1456 (which has relatively high number of 👍). BTW there seems to exist an intersection with #2146 if I’m not wrong. |
SantoDE
force-pushed
the
feature/redirect_per_frontend
branch
5 times, most recently
from
6533724
to
b5f435b
Compare
|
Hey @emilevauge , @dtomcej and more. I updated my code like you suggested. I also changed the web ui once again.
Looking forward to your feedback :) @kachkaev yeah there is some intersection but it's not too bad :) This PR will be included in 1.5 I guess. |
SantoDE
force-pushed
the
feature/redirect_per_frontend
branch
from
b5f435b
to
d37fe4d
Compare
There was a problem hiding this comment.
Design LGTM
Thanks @SantoDE 👏
Could update you PR description accordingly ?
traefiker
force-pushed
the
feature/redirect_per_frontend
branch
from
70e3542
to
d89be5a
Compare
|
Merged! Awesome news! 🎉 Thanks @SantoDE for the work! Traefik team: when do you think this feature would be available in the public Docker images? Which tag would it be in? |
|
@tiangolo We put only bug fix in the branch 1.4 (https://github.com/containous/traefik#release-cycle) As you see the milestone is 1.5. |
|
I've tried to make use of this https redirect in v1.5.0-rc3 but can't seem to get it to work. I've tried multiple scenarios, non of which result in http to https redirects. Am I misunderstanding something here? Thank you! |
labels:
- traefik.backend=host.com
- traefik.frontend.rule=Host:host.com,www.host.com
- traefik.docker.network=traefik
- traefik.frontend.entryPoints=http
- traefik.frontend.redirect.entryPoint=https
- traefik.enable=truehttp://v1-5.archive.docs.traefik.io/configuration/backends/docker/#on-service |
|
Thank you @ldez I gave the regex/replacement solution a try, but it seems to break my traefik setup. These are the labels I used: In any case, I want to thank you for your help! I did come across this label: Thank you! |
ldez
changed the title
|
I have a local setup that by default redirects http to https. However I would like a single container to work on http only (for legacy reasons [as always]). I couldn't figure out which combinations of labels would work to enable that. in effect I would like:
The setup is plain old docker running locally with the following default configuration: [entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]I have tried: labels:
traefik.http.frontend.entryPoints: http
traefik.http.frontend.redirect: http
traefik.https.frontend.entryPoints: https
traefik.https.frontend.redirect: http labels:
traefik.frontend.headers.SSLRedirect: 'false' labels:
traefik.frontend.entryPoints: http
traefik.frontend.redirect.entryPoint: httpand various combinations of the above. Am I missing something obvious? |
|
@h-bragg The Working example for redirect http to https: labels:
- "traefik.port=80"
- "traefik.frontend.rule=Host:MySecureDomain"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.entryPoints=http,https"For your other container, simply drop the redirect-header and https entrypoint like this: labels:
- "traefik.port=80"
- "traefik.frontend.rule=Host:MyInsecureDomain"
- "traefik.frontend.entryPoints=http"I tested this using latest stable docker release ( |
|
@DMW007 thanks, I have it working like this for now. Was looking for it to be ssl by default with http as the exception (each thing connecting to it might be done by a different person, so the least amount of configuration required is better). |
|
Wanted to test this out locally. I'm in a use case where ssl termination is happening at a load balancer before hitting traefik, but would still like traefik to handle the redirect of http to https. Is there a way to disable ssl, or using a different port to handle http requests? docker-compose.yml version: '2'
services:
web:
image: nginx:alpine
ports:
- "80"
labels:
- "traefik.enable=true"
- "traefik.frontend.rule=Host:web.localhost"
- "traefik.port=80"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.entryPoints=http,https"
proxy:
image: traefik
command: --api --docker --docker.domain=docker.localhost --logLevel=DEBUG
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /dev/null:/traefik.toml |
|
Thanks for your interest in Traefik 😃 A pull request is not the place for question. Please come discuss this in :
|
Description
This PR makes it possible, to enable a redirect to another entrypoint per frontend. Current Supported Backends are:
The only thing you need to do is, set e.g.
traefik.frontend.redirect=https.If this redirect is enabled, it's shown on the dashboard as well.
Fixes #1456, #541