We are trying to configure api and frontend with docker-compose using Traefik and we need that both applications are exposed by domain.
With this configuration we get 404 but commented "frontend" lines make api works.
In Traefik dashboard we can see both applications in "HTTP Services" tab as loadbalancer but we have no routers in "Routers" tab.
What we miss?
We also tried using "network" with no luck (receive "gateway time out").
version: "3.3"
services:
traefik:
image: "traefik:latest"
restart: always
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.email=myemail" # Let's Encrypt email
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
db:
image: mysql:latest
volumes:
- db_data:/var/lib/mysql
restart: always
container_name: "db"
environment:
MYSQL_ROOT_PASSWORD: mypassword
MYSQL_DATABASE: mydb
MYSQL_USER: myuser
MYSQL_PASSWORD: mypassword
ports:
- "32769:3306"
api:
image: "myregistry/myimage:latest"
restart: always
container_name: "api"
labels:
- "traefik.enable=true"
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
- traefik.http.routers.web.middlewares=redirect-to-https
- traefik.http.routers.web.rule=Host(`mydomainapi`)
- traefik.http.routers.web.entrypoints=web
- "traefik.http.routers.websecure.rule=Host(`mydomainapi`)"
- "traefik.http.routers.websecure.entrypoints=websecure"
- "traefik.http.routers.websecure.tls.certresolver=letsencrypt"
depends_on:
- db
frontend:
image: "myregistry/myimagefrontend:latest"
restart: always
container_name: "frontend"
labels:
- "traefik.enable=true"
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
- traefik.http.routers.web.middlewares=redirect-to-https
- traefik.http.routers.web.rule=Host(`mydomainfrontend`)
- traefik.http.routers.web.entrypoints=web
- "traefik.http.routers.websecure.rule=Host(`mydomainfrontend`)"
- "traefik.http.routers.websecure.entrypoints=websecure"
- "traefik.http.routers.websecure.tls.certresolver=letsencrypt"
depends_on:
- api
volumes:
db_data:
driver: local
Related
I've got my docker environment setup using traefik and I've got two services running at the moment.
I'm using Google OAuth for authentication which redirects to my web application with auth-code. The redirect URL isn't allowed anything but localhost or localhost:<any-port> or any CDN. I've setup my docker for http://portal.local.
I now want http://localhost/user/googleLogin?code=xxxxxxxxxx to be translated to http://portal.local/user/googleLogin?code=xxxxxxxx for further processing of authentication.
Right now, I'm having to manually change localhost to portal.local in browser URL after it gives site not found error, which then takes me to further processing.
Below is my docker-compose.yml file.
version: "3.9"
services:
portal-traefik:
container_name: portal-traefik
command:
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
# - --entrypoints.websecure.address=:443
# - --certificatesresolvers.myresolver.acme.httpchallenge=true
# - --certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web
# - --certificatesresolvers.myresolver.acme.email=ssl#idealsalessolutions.com
# - --certificatesresolvers.myresolver.acme.storage=/acme/acme.json
image: traefik:latest
networks:
api_driven:
ports:
- "80:80"
- "8080:8080"
# - "443:443"
restart: unless-stopped
volumes:
- portal_acme:/acme
- /var/run/docker.sock:/var/run/docker.sock:ro
api-i4f:
container_name: api-i4f
depends_on:
- php-i4f
- portal-traefik
image: nginx:stable-alpine
labels:
- traefik.enable=true
- traefik.http.routers.api.rule=Host(`api.local`)
networks:
api_driven:
restart: unless-stopped
volumes:
- ../docker.sites/api.local:/usr/share/nginx/api.local
- ./conf/nginx/conf.d:/etc/nginx/conf.d:ro
command: [nginx, '-g', 'daemon off;']
hostname: api.local
portal-i4f:
container_name: portal-i4f
depends_on:
- php-i4f
- portal-traefik
image: nginx:stable-alpine
labels:
- traefik.enable=true
- traefik.http.routers.portal.rule=Host(`portal.local`)
networks:
api_driven:
restart: unless-stopped
volumes:
- ../docker.sites/portal.local:/usr/share/nginx/portal.local
- ./conf/nginx/conf.d:/etc/nginx/conf.d:ro
command: [nginx, '-g', 'daemon off;']
hostname: portal.local
php-i4f:
container_name: php-i4f
depends_on:
- portal-traefik
image: isshub/core:php7.4.30-fpm-alpine3.16-intl-mysql
networks:
api_driven:
restart: unless-stopped
volumes:
- ../docker.sites/api.local:/usr/share/nginx/api.local
- ../docker.sites/portal.local:/usr/share/nginx/portal.local
networks:
api_driven:
name: "api_driven"
volumes:
portal_acme:
I've tried to use multiple router rules to listen to both localhost and portal.local using regex/replacement middlewares as well but that stops the service at all and gives 404 error.
This is docker-compose file that starts the containers all are working fine except the caddy.
version: '3'
services:
db:
image: postgres:latest
restart: always
expose:
- "5555"
volumes:
- pgdata:/var/lib/postgresql/data/
environment:
- POSTGRES_DB=chiefonboarding
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
networks:
- global
web:
image: chiefonboarding/chiefonboarding:latest
restart: always
expose:
- "9000"
environment:
- SECRET_KEY=somethingsupersecret
- BASE_URL=https://on.hr.gravesfoods.com
- DATABASE_URL=postgres://postgres:postgres#db:5432/chiefonboarding
- ALLOWED_HOSTS=on.hr.gravesfoods.com
- DEFAULT_FROM_EMAIL=hello#gravesfoods.com
depends_on:
- db
networks:
- global
caddy:
image: caddy:2.3.0-alpine
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- $PWD/Caddyfile:/etc/caddy/Caddyfile
- $PWD/site:/srv
- caddy_data:/data
- caddy_config:/config
networks:
- global
volumes:
pgdata:
caddy_data:
caddy_config:
networks:
global:
Also these are the logs it is generating:
[https://on.hr.gravesfoods.com:80] scheme and port violate convention "level":"info","ts":1656425557.6256478,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile" run: adapting config using caddyfile: server block 0, key 0 (https://on.hr.gravesfoods.com:80): determining listener address: [https://on.hr.gravesfoods.com:80] scheme and port violate convention.
version: '3.3'
services:
#InfluxDB server
influx-db:
image: influxdb:1.8-alpine
container_name: influx-db
ports:
- 8086:8086
restart: always
volumes:
- db-data:/var/lib/influxdb
networks:
- local
#PostgreSQL Database for the application
postgresdb:
image: "postgres:12.0-alpine"
container_name: postgresdb
volumes:
- db-data:/var/lib/postgresql/data
ports:
- 5432:5432
environment:
- POSTGRES_DB=postgres
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
restart: always
networks:
- local
#Fron-end Angular Application
fe:
build: './Frontend-Asset'
ports:
- 4201:4201
links:
- sm_abc_be
- sm_um_be
depends_on:
- sm_abc_be
- sm_um_be
networks:
- local
um_fe:
build: './Frontend-User'
ports:
- 4202:4202
links:
- sm_abc_be
- sm_um_be
depends_on:
- sm_abc_be
- sm_um_be
networks:
- local
#Back-end Spring Boot Application
sm_um_be:
build: './um_be'
ports:
- 8081:8081
restart: always
volumes:
- db-data/
links:
- postgresdb
environment:
- SPRING_DATASOURCE_URL=jdbc:postgresql://postgresdb:5432/abcd
- SPRING_DATASOURCE_USERNAME=abc_user
- SPRING_DATASOURCE_PASSWORD=abcpassword
- SPRING_JPA_HIBERNATE_DDL_AUTO=update
depends_on:
- postgresdb
networks:
- local
sm_am_be:
build: './am_be'
ports:
- 8082:8082
restart: always
volumes:
- db-data/
links:
- postgresdb
- influx-db
environment:
- SPRING_DATASOURCE_URL=jdbc:postgresql://postgresdb:5432/am_uuid?currentSchema=abc
- SPRING_DATASOURCE_USERNAME=am_db_user
- SPRING_DATASOURCE_PASSWORD=abcpassword
- SPRING_JPA_HIBERNATE_DDL_AUTO=update
depends_on:
- postgresdb
- influx-db
networks:
- local
#Volumes for DB data
volumes:
db-data:
networks:
local:
driver: bridge
I am attempting to create multiple Docker-Compose projects and have them share a single service, a database server. I'm currently unable to get projects to use my mariadb instance. I'm not sure if my issues is in traefik or docker. I can get wordpress to recognize the database if it is included in the same docker-compose, but as I would ultimately like to not have multiple instances of a database server running, I would prefer it to be it's own project.
# ~/docker/traefik/docker-compose.yml
version: "3.3"
services:
traefik:
image: "traefik:v2.2"
container_name: "traefik"
command:
- "--api=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=namedotcom"
- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=<MY-EMAIL>"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
networks:
t2_proxy:
ports:
- "80:80"
- "443:443"
environment:
- "NAMECOM_USERNAME=<My-USERNAME>
- "NAMECOM_API_TOKEN=<My-Token>
labels:
# Dashboard
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`api.mydomain.com`)"
- "traefik.http.routers.traefik.service=api#internal"
- "traefik.http.routers.traefik.middlewares=admin"
- "traefik.http.routers.traefik.tls.certresolver=myresolver"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.middlewares.admin.basicauth.users=myuser:mypasswordhash/"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# global redirect to https
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
t2_proxy:
# ~/docker/db/docker-compose.yml
version: '3.3'
services:
mysql:
image: mariadb
container_name: "mariadb"
restart: always
environment:
MYSQL_ROOT_PASSWORD: example
MYSQL_DATABASE: wordpressDB
MYSQL_USER: wordpressUSER
MYSQL_PASSWORD: wordpressPW
networks:
default:
ports:
- 3306:3306
adminer:
image: adminer
restart: always
container_name: "adminer"
labels:
- "traefik.enable=true"
- "traefik.http.routers.adminer.rule=PathPrefix(`/adminer`)"
- "traefik.http.routers.adminer.entrypoints=websecure"
- "traefik.http.routers.adminer.tls.certresolver=myresolver"
networks:
- default
- traefik_t2_proxy
networks:
default:
traefik_t2_proxy:
external: true
# ~/docker/wordpress/docker-compose.yml
version: '3.3'
services:
wordpress:
image: wordpress:latest
restart: always
container_name: "mySite"
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpressUSER
WORDPRESS_DB_PASSWORD: wordpressPW
WORDPRESS_DB_NAME: wordpressDB
networks:
traefik_t2_proxy:
db_default:
labels:
- "traefik.enable=true"
- "traefik.http.routers.wp2.rule=PathPrefix(`/wordpress`)"
- "traefik.http.routers.wp2.entrypoints=websecure"
- "traefik.http.routers.wp2.tls.certresolver=myresolver"
volumes:
db_data: {}
networks:
traefik_t2_proxy:
external: true
db_default:
external: true
You can have multiple docker-compose files, with the same network and run them together as below:
docker-compose -f docker-compose-1.yml -f docker-compose-2.yml up -d
But if you need the services to recognize eachother, the networks should be the same. Give your traefik_t2_proxy network to mysql too.
I'm trying to proxy the pgAdmin web interface using segment URLs. But I have some problems with this.
When I'm accessing the browser with the following URL -> http://localhost/pgadmin, it redirects me to the following URL -> http://localhost/login?next=%2F. This is the internal routing of pgAdmin.
I want routing to be next http://localhost/pgadmin/login?next=%2F.
Could you tell me how can I achieve this.
Here is an example of my docker-compose configuration
version: '3.7'
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: always
networks:
applications_network:
ipv4_address: 172.20.1.1
ports:
- "80:80"
- "8080:8080"
command:
- "--api.insecure=true --providers.docker"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--log.level=debug"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
pgAdmin4:
image: dpage/pgadmin4:latest
container_name: pgAdmin4
restart: always
networks:
applications_network:
ipv4_address: 172.20.2.1
ports:
- "15432:80"
environment:
PGADMIN_DEFAULT_EMAIL: "admin#test.com"
PGADMIN_DEFAULT_PASSWORD: "postgres"
labels:
- "traefik.enable=true"
- "traefik.http.routers.pgAdmin4.rule=Host(`localhost`)"
- "traefik.http.middlewares.pgAdmin4-prefix.stripprefix.prefixes=/pgadmin"
- "traefik.http.routers.pgAdmin4.middlewares=pgAdmin4-prefix"
- "traefik.http.routers.pgAdmin4.entrypoints=web"
- "traefik.http.routers.pgAdmin4.service=pgAdmin4"
- "traefik.http.services.pgAdmin4.loadbalancer.server.port=80"
networks:
applications_network:
name: applications_network
ipam:
driver: default
config:
- subnet: 172.20.0.0/16
Thanks in advance.