I would like to create a traefik v2 config file which redirects http://localhost:80 traffic to http://otherhost.example.com:8080.
defaultEntryPoints = ["http"]
[entryPoints]
[entryPoints.dashboard]
address = ":80"
[entryPoints.dashboard.redirect???]
scheme = "http"
port = "8080"
No dockers whatsoever.
Thanks,
Lorand.
That worked:
defaultEntryPoints = ["http"]
## Static configuration
[entryPoints]
[entryPoints.web]
address = ":80"
[providers]
[providers.file]
filename = "dynamic_conf.toml"
watch = true
And dynamic_conf.toml:
## Dynamic configuration
[http.routers]
[http.routers.Router-1]
# By default, routers listen to every entry points
rule = "Host(`localhost`)"
service = "my-service"
[http.services]
[http.services.my-service.loadBalancer]
passHostHeader = false
[[http.services.my-service.loadBalancer.servers]]
url = "http://example.com"
It had to be called with full url, like: http://localhost/index.html
Related
I'd like to be able to use Traefik to forward traffic for a domain with subfolders to a docker container on a diff hosts. Also, I'd like to be able to use multiple separate domains.
I'm unable to find instructions or a guide to do that exactly. Can anyone give me pointers please?
This is what I have so far.
### traefik.toml
defaultEntryPoints = ["https","http"]
[api]
entryPoint = "traefik"
dashboard = true
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
minVersion = "VersionTLS12"
cipherSuites = [
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
]
[entryPoints.traefik]
address = ":8080"
[entryPoints.traefik.auth.basic]
users = ["admin:{SHA}123="]
[acme]
email = "123#123.com"
storage = "/etc/traefik/acme/acme.json"
onHostRule = false
acmeLogging = true
caServer = "https://acme-v02.api.letsencrypt.org/directory"
entryPoint = "https"
[acme.dnsChallenge]
provider = "cloudflare"
delayBeforeCheck = 0
[[acme.domains]]
main = "*.123.it"
[[acme.domains]]
main = "*.123.co.uk"
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "{{ DOMAIN }}"
watch = true
exposedbydefault = false
[file]
[backends]
[backends.backend1]
[backends.backend1.servers.server1]
url = "http://192.168.0.1:8585/"
[backends.backend2]
[backends.backend2.servers.server2]
url = "http://192.168.0.1:8383/"
[frontends]
[frontends.frontend1]
backend = "backend1"
[frontends.frontend1.routes.graf]
rule = "Host:123.it"
[frontends.frontend2]
backend = "backend2"
[frontends.frontend2.routes.graf]
rule = "Host:123.co.uk; PathPrefix: /app"
After reading the github issues related to this with a bunch of loose snippets, It's still completely unclear how to write simple 301 redirects in Traefik as I used to do in nginx like this:
server_name foo.com
return 301 https://bar.com
The plan is: redirect any request in http-scheme to https (same domain), regardless whether the domain exists or not like in nginx default host on port 80 with redirect 301 https://$host.
Then, matching the https-Host, return a redirect code with the new Location: - Header.
My base traefik.toml is:
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
minVersion = "VersionTLS12"
[acme]
email = "acme#mydomain.com"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[file]
directory = "/etc/traefik/conf/"
watch = true
Now, how does a file in conf/ must look like to adopt the above nginx redirect? It's about ~300 domains which are hosted at another place, so no backend needed, and it must not be 302/rewrites to be SEO-conform.
This pr https://github.com/containous/traefik/pull/2570 seems to be near to what I want, but there's no documentation how to use it.
Hey i am trying catch all request to an Subdomain, with no matching rool and redirect them to https://localhost:8000 without subdomain and suburl. But there is no redirect, i just get the response from the backend.
[file]
[frontends]
[frontends.homeRedirect]
entryPoints = ["https"]
priority = 1
backend = "homeRedirect"
[frontends.homeRedirect.routes.everything]
rule = "PathPrefix:/"
[frontends.homeRedirect.headers]
SSLRedirect = true
[frontends.homeRedirect.redirect]
regex = "(.*)"
replacement = "https://localhost:8000"
[backends]
[backends.homeRedirect]
[backends.homeRedirect.servers]
[backends.homeRedirect.servers.server0]
url = "http://frontend:80"
Is there something wrong with my file?
In this case, a redirect on the entry point is more appropriate:
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
regex = "^http://subdomain.mydomain/(.*)"
replacement = "http://myotherdomain/$1"
https://docs.traefik.io/v1.5/configuration/entrypoints/#rewriting-url
localhost inside the Traefik container is the container not the real machine.
According to https://github.com/containous/traefik/pull/2133, it should be possible to redirect selectively per frontend. Is this available in the File backend?
I tried adding the following, but it didn't work:
[frontends.foo.headers]
SSLRedirect = true
The option SSLRedirect = true always redirect on 443.
If you want to redirect to an entry point without using 443 port use entryPoint = "https"
https://docs.traefik.io/user-guide/examples/#http-redirect-on-https
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
certFile = "examples/traefik.crt"
keyFile = "examples/traefik.key"
https://docs.traefik.io/configuration/backends/file/
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
# ...
[entryPoints.https]
address = ":443"
# ...
[file]
[frontends]
[frontends.frontend1]
backend = "backend1"
[frontends.frontend1.redirect]
entryPoint = "https"
# ...
Our problem is that traffic from the https entrypoint is (probably) forwarded to the backend with the wrong port. Accessing the http entrypoint works as expected: the traffic is loadbalanced between server 1 2 3. when using the https entrypoint, we get a 404 page not found. The TLS is all good, the connection is secure, but it looks like traefik does not change the port for the backend server to :80.
We do let's encrypt via traefik and this looks good.
Here's how we start traffic:
docker run -d -p 443:443 -p 80:80 -v /home/pi/lbtest/traefik/traefik.toml:/traefik.toml -v /home/pi/lbtest/traefik/acme.json:/acme.json traefik
And this is our traefik.toml
debug = true
[file]
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[frontends]
[frontends.lbtest]
backend = "lbtest"
[frontends.lbtest.routes.route0]
rule = "Host:xxx.gotdns.ch"
[backends]
[backends.lbtest]
[backends.lbtest.servers.server1]
url = "http://192.168.178.81:80"
[backends.lbtest.servers.server2]
url = "http://192.168.178.49:80"
[backends.lbtest.servers.server3]
url= "http://192.168.178.64:80"
[acme]
email = "xxx#xxx.eu.com"
storageFile = "acme.json"
acmeLogging = true
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[[acme.domains]]
main = "xxx.gotdns.ch"
Why does http://xxx.gotdns.ch work - it loadbalances between server 1 2 3 - but not for https://xxx.gotdns.ch. Any ideas?
It's problem with the field defaultEntryPoints in your configuration:
debug = true
defaultEntryPoints = ["http", "https"] # <-- move the field here
[file]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[frontends]
[frontends.lbtest]
backend = "lbtest"
[frontends.lbtest.routes.route0]
rule = "Host:xxx.gotdns.ch"
[backends]
[backends.lbtest]
[backends.lbtest.servers.server1]
url = "http://192.168.178.81:80"
[backends.lbtest.servers.server2]
url = "http://192.168.178.49:80"
[backends.lbtest.servers.server3]
url= "http://192.168.178.64:80"
[acme]
email = "xxx#xxx.eu.com"
storageFile = "acme.json"
acmeLogging = true
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[[acme.domains]]
main = "xxx.gotdns.ch"
I recommend to write your configuration like that:
debug = true
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "xxx#xxx.eu.com"
storageFile = "acme.json"
acmeLogging = true
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[[acme.domains]]
main = "xxx.gotdns.ch"
[file]
[frontends]
[frontends.lbtest]
backend = "lbtest"
[frontends.lbtest.routes.route0]
rule = "Host:xxx.gotdns.ch"
[backends]
[backends.lbtest]
[backends.lbtest.servers.server1]
url = "http://192.168.178.81:80"
[backends.lbtest.servers.server2]
url = "http://192.168.178.49:80"
[backends.lbtest.servers.server3]
url= "http://192.168.178.64:80"