search

PascalMinder / geoblock

Traefik middleware plugin - Deny requests based on country of origin
98 stars 10 forks source link

error unknown plugin #31

Closed TonioDF closed 1 year ago

TonioDF commented 1 year ago

Hello, I am new to traefik. I can't get this plugin to work. I follow the installation process it indicates, but then when I try to push it into a docker instance, I get this error: "entryPointName":"http","level":"error","msg":"plugin: unknown plugin type: geoblock" When I carry out the installation process, everything seems to go well (I leave a screenshot) I get the error when I want to apply it in a docker container Screenshot_2023-01-15-16-31-16-43_3aea4af51f236e4932235fdada7d1643

In the labels of my docker containers I add this: traefik.http.routers."servicedocker".middlewares=my-geoblock@file

Thanks

PascalMinder commented 1 year ago

Did you check out the example docker setup?

Can you also post your configuration files traefik.yml and dynamic-configuration.yml? And also perhaps your docker-compose file?

TonioDF commented 1 year ago

My docker-compose.yml:

version: '3'
services:
  traefik:
    container_name: traefik
    image: traefik:2.6
    ports:
      - 80:80
      - 443:443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./config/:/etc/traefik/
      - ./traefik.log:/etc/traefik.log
    networks:
      - proxy 
    labels:
      traefik.http.routers.api.rule: Host(`xxx.xxx.duckdns.org`)    
      traefik.http.routers.api.entryPoints: https    
      traefik.http.routers.api.service: api@internal    
      traefik.enable: true   
    environment:
      DUCKDNS_TOKEN: xxx
    restart: unless-stopped
networks:
  proxy:    
    external: true

My traefik.yml:

global:
  checkNewVersion: true
  sendAnonymousUsage: true

serversTransport:
  insecureSkipVerify: true

entryPoints:
  http:
    address: :80
    http:
      redirections:
        entryPoint:
          to: https
          scheme: https

  https:
    address: :443
    http:
      tls:

        certResolver: letsencrypt
        domains:
          - main: xxx.duckdns.org  
            sans:
              - '*.xxx.duckdns.org'  
providers:
  providersThrottleDuration: 2s

  file:
    filename: /etc/traefik/fileConfig.yml
    watch: true
  docker:
    watch: true
    network: proxy 
    defaultRule: "Host(`{{ index .Labels \"com.docker.compose.service\"}}.xxx.duckdns.org`)" 
    swarmModeRefreshSeconds: 15s
    exposedByDefault: false

api:
  dashboard: true
  insecure: false

log:
  filePath: "etc/traefik.log"
  level: ERROR
  format: json

certificatesResolvers:
  letsencrypt:
    acme:
      email: xxx
      storage: /etc/traefik/acme.json
      dnsChallenge:
        provider: duckdns
        resolvers:
          - "1.1.1.1:53"
          - "8.8.8.8:53"
experimental:
  plugins:  
    geoblock:
      moduleName: "github.com/PascalMinder/geoblock"
      version: "v0.2.4"

My dynamic-config.yml:

http:
  routers:
    dashboard:
      entryPoints:
        - https
      rule: Host(`traefik.xxx.duckdns.org`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
      service: api@internal
      middlewares:
        - auth
  middlewares:
    auth:
      basicAuth:
        users:
          - "xxx"

    my-geoblock:
      plugin:
        geoblock:
          allowLocalRequests: true
          logLocalRequests: false
          logAllowedRequests: false
          logApiRequests: false
          api: "https://get.geojs.io/v1/ip/country/{ip}"
          apiTimeoutMs: 500
          cacheSize: 25
          forceMonthlyUpdate: true
          allowUnknownCountries: false
          unknownCountryApiResponse: "nil"
          backListMode: false
          countries:
            - ES
            - PT

Webdav container example where I add the geoblock argument. My docker-compose.traefik.yml:

version: '3'
services:
  webdav:
    networks:
      - proxy
    labels:
      - traefik.enable=true
      - traefik.http.services.webdav.loadbalancer.server.port=8080
      - traefik.http.routers.webdav.entrypoints=https
      - traefik.http.routers.webdav.rule=Host(`${FQDN}`)
      - traefik.http.middlewares.webdav-https-redirect.redirectscheme.scheme=https
      - traefik.http.routers.webdav.middlewares=webdav-https-redirect
      - traefik.http.routers.webdav-secure.entrypoints=https
      - traefik.http.routers.webdav-secure.rule=Host(`${FQDN}`)
      - traefik.http.routers.webdav-secure.tls=true
      - traefik.http.routers.webdav-secure.tls.certresolver=letsencrypt
       !!!! when i add this argument i get the error i mentioned above !!!!!!
      - traefik.http.routers.webdav.middlewares=my-geoblock@file

networks:
  proxy:
    external: true

I'm aware that it's a bug in my configuration, but despite reading the documentation and trying many times, I can't get the plugin to work. Thank you very much for your answer and your interest, I am very sorry to bother you @PascalMinder

PascalMinder commented 1 year ago

I'm not sure, but in your traefik.yml:

experimental:
  plugins:  
    geoblock:            <-----------

and in your dynamic-configuration.yml you wrote:

    my-GeoBlock:
      plugin:
        GeoBlock:         <---------

I think you should write both in small caps.

TonioDF commented 1 year ago

I've already tried it, and it still doesn't work. I have edited the dynamic-config.yml file above, with the configuration that I have right now

Screenshot_2023-01-17-21-52-34-88_3aea4af51f236e4932235fdada7d1643

Isn't it necessary to add any more rule to configuration?? A middleware ?? I think I'm making such a mistake. I've been thinking about this problem for several days and I can't solve it. Thanks @PascalMinder

TonioDF commented 1 year ago

Resolved !!! The problem was with version 2.6 of docker compose, I updated to 2.9.6 and it worked. Thanks @PascalMinder