search

spantaleev / matrix-docker-ansible-deploy

🐳 Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
GNU Affero General Public License v3.0
4.93k stars 1.05k forks source link

Which `traefik` docker labels for pointing to an additional webserver? #3140

Open elindgren opened 10 months ago

elindgren commented 10 months ago

Hi! I want to use the included traefik reverse proxy to also handle requests to an additional webserver I'm running in a docker container on the same server as all the other services. I followed this section of the docs where, if I understand correctly, I can add my service to traefik simply by specifying the correct labels for my docker service. See the configuration I use in my docker-compose.yaml below.

My service can join the traefik docker network just fine, but when I access https://subdomain.myserver.org I get a 404 not found. I suspect I've misconfigured the traefik labels, specifically with regards to the traefik router name (it's probably not myrouter as I've used 😆), but I don't know what it should be. Anyone that can help a struggling hobbyist out? 😅

docker-compose.yaml

version: "3"
services:
  webserver:
    image: webserver:latest
    restart: always
    ports:
      - "4173:4173"
    build:
       context: .
       labels:
         - traefik.http.routers.myrouter.rule=Host(`subdomain.myserver.org`) # enable trafik reverse proxy
         - traefik.http.routers.myrouter.tls=true              # enable tls via reverse proxy
         # Tell Traefik to use the port 4173 to connect to `my-container`
         - traefik.http.services.my-service.loadbalancer.server.port=4173

networks:
  default:
    name: traefik
    external: true  # requires the traefik network from docker-ansible-deploy to have been created
Virkkunen commented 9 months ago

I might be wrong, but I've used the following labels and my other containers are successfully integrated in Traefik:

labels:
      - traefik.enable=true
      - traefik.docker.network=traefik
      - traefik.http.routers.[NAME].entrypoints=web-secure
      - traefik.http.routers.[NAME].service=[NAME]
      - traefik.http.routers.[NAME].rule=[RULE]
      - traefik.http.routers.[NAME].tls=true
      - traefik.http.routers.[NAME].tls.certResolver=default
      - traefik.http.routers.[NAME].tls.domains[0]=[DOMAIN]
      - traefik.http.routers.[NAME].tls.domains[0].sans=[SUBDOMAIN]
      - traefik.http.services.[NAME].loadbalancer.server.port=[CONTAINER PORT]

Also adding the networks config under the compose services:

networks:
      - traefik

and under the compose networks:

networks:
  traefik:
    external: true
elindgren commented 9 months ago

I might be wrong, but I've used the following labels and my other containers are successfully integrated in Traefik:

labels:
      - traefik.enable=true
      - traefik.docker.network=traefik
      - traefik.http.routers.[NAME].entrypoints=web-secure
      - traefik.http.routers.[NAME].service=[NAME]
      - traefik.http.routers.[NAME].rule=[RULE]
      - traefik.http.routers.[NAME].tls=true
      - traefik.http.routers.[NAME].tls.certResolver=default
      - traefik.http.routers.[NAME].tls.domains[0]=[DOMAIN]
      - traefik.http.routers.[NAME].tls.domains[0].sans=[SUBDOMAIN]
      - traefik.http.services.[NAME].loadbalancer.server.port=[CONTAINER PORT]

Also adding the networks config under the compose services:

networks:
      - traefik

and under the compose networks:

networks:
  traefik:
    external: true

Nice, thanks! I tried it but there is still something that doesn't seem to be quite correctly configured. What is [NAME], is that just name of the docker service (webserver in my example yaml file)? What is RULE?

Virkkunen commented 9 months ago

Yes, [NAME] is the container/service name, webserver in your case. [RULE] should be your routing rule, according to https://doc.traefik.io/traefik/routing/routers/#rule_1, like Host(`subdomain.myserver.org`)