I'm trying to proxy the pgAdmin web interface using segment URLs. But I have some problems with this.
When I'm accessing the browser with the following URL -> http://localhost/pgadmin, it redirects me to the following URL -> http://localhost/login?next=%2F. This is the internal routing of pgAdmin.
I want routing to be next http://localhost/pgadmin/login?next=%2F.
Could you tell me how can I achieve this.
Here is an example of my docker-compose configuration
version: '3.7'
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: always
networks:
applications_network:
ipv4_address: 172.20.1.1
ports:
- "80:80"
- "8080:8080"
command:
- "--api.insecure=true --providers.docker"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--log.level=debug"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
pgAdmin4:
image: dpage/pgadmin4:latest
container_name: pgAdmin4
restart: always
networks:
applications_network:
ipv4_address: 172.20.2.1
ports:
- "15432:80"
environment:
PGADMIN_DEFAULT_EMAIL: "admin#test.com"
PGADMIN_DEFAULT_PASSWORD: "postgres"
labels:
- "traefik.enable=true"
- "traefik.http.routers.pgAdmin4.rule=Host(`localhost`)"
- "traefik.http.middlewares.pgAdmin4-prefix.stripprefix.prefixes=/pgadmin"
- "traefik.http.routers.pgAdmin4.middlewares=pgAdmin4-prefix"
- "traefik.http.routers.pgAdmin4.entrypoints=web"
- "traefik.http.routers.pgAdmin4.service=pgAdmin4"
- "traefik.http.services.pgAdmin4.loadbalancer.server.port=80"
networks:
applications_network:
name: applications_network
ipam:
driver: default
config:
- subnet: 172.20.0.0/16
Thanks in advance.
Related
I've got my docker environment setup using traefik and I've got two services running at the moment.
I'm using Google OAuth for authentication which redirects to my web application with auth-code. The redirect URL isn't allowed anything but localhost or localhost:<any-port> or any CDN. I've setup my docker for http://portal.local.
I now want http://localhost/user/googleLogin?code=xxxxxxxxxx to be translated to http://portal.local/user/googleLogin?code=xxxxxxxx for further processing of authentication.
Right now, I'm having to manually change localhost to portal.local in browser URL after it gives site not found error, which then takes me to further processing.
Below is my docker-compose.yml file.
version: "3.9"
services:
portal-traefik:
container_name: portal-traefik
command:
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
# - --entrypoints.websecure.address=:443
# - --certificatesresolvers.myresolver.acme.httpchallenge=true
# - --certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web
# - --certificatesresolvers.myresolver.acme.email=ssl#idealsalessolutions.com
# - --certificatesresolvers.myresolver.acme.storage=/acme/acme.json
image: traefik:latest
networks:
api_driven:
ports:
- "80:80"
- "8080:8080"
# - "443:443"
restart: unless-stopped
volumes:
- portal_acme:/acme
- /var/run/docker.sock:/var/run/docker.sock:ro
api-i4f:
container_name: api-i4f
depends_on:
- php-i4f
- portal-traefik
image: nginx:stable-alpine
labels:
- traefik.enable=true
- traefik.http.routers.api.rule=Host(`api.local`)
networks:
api_driven:
restart: unless-stopped
volumes:
- ../docker.sites/api.local:/usr/share/nginx/api.local
- ./conf/nginx/conf.d:/etc/nginx/conf.d:ro
command: [nginx, '-g', 'daemon off;']
hostname: api.local
portal-i4f:
container_name: portal-i4f
depends_on:
- php-i4f
- portal-traefik
image: nginx:stable-alpine
labels:
- traefik.enable=true
- traefik.http.routers.portal.rule=Host(`portal.local`)
networks:
api_driven:
restart: unless-stopped
volumes:
- ../docker.sites/portal.local:/usr/share/nginx/portal.local
- ./conf/nginx/conf.d:/etc/nginx/conf.d:ro
command: [nginx, '-g', 'daemon off;']
hostname: portal.local
php-i4f:
container_name: php-i4f
depends_on:
- portal-traefik
image: isshub/core:php7.4.30-fpm-alpine3.16-intl-mysql
networks:
api_driven:
restart: unless-stopped
volumes:
- ../docker.sites/api.local:/usr/share/nginx/api.local
- ../docker.sites/portal.local:/usr/share/nginx/portal.local
networks:
api_driven:
name: "api_driven"
volumes:
portal_acme:
I've tried to use multiple router rules to listen to both localhost and portal.local using regex/replacement middlewares as well but that stops the service at all and gives 404 error.
This is docker-compose file that starts the containers all are working fine except the caddy.
version: '3'
services:
db:
image: postgres:latest
restart: always
expose:
- "5555"
volumes:
- pgdata:/var/lib/postgresql/data/
environment:
- POSTGRES_DB=chiefonboarding
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
networks:
- global
web:
image: chiefonboarding/chiefonboarding:latest
restart: always
expose:
- "9000"
environment:
- SECRET_KEY=somethingsupersecret
- BASE_URL=https://on.hr.gravesfoods.com
- DATABASE_URL=postgres://postgres:postgres#db:5432/chiefonboarding
- ALLOWED_HOSTS=on.hr.gravesfoods.com
- DEFAULT_FROM_EMAIL=hello#gravesfoods.com
depends_on:
- db
networks:
- global
caddy:
image: caddy:2.3.0-alpine
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- $PWD/Caddyfile:/etc/caddy/Caddyfile
- $PWD/site:/srv
- caddy_data:/data
- caddy_config:/config
networks:
- global
volumes:
pgdata:
caddy_data:
caddy_config:
networks:
global:
Also these are the logs it is generating:
[https://on.hr.gravesfoods.com:80] scheme and port violate convention "level":"info","ts":1656425557.6256478,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile" run: adapting config using caddyfile: server block 0, key 0 (https://on.hr.gravesfoods.com:80): determining listener address: [https://on.hr.gravesfoods.com:80] scheme and port violate convention.
I have my traefik v2 setup and when i try to access the dashboard which is behind AWS elb, the basic auth doe not work. But the same configu works when i hit traefik directly
here is what my config looks like
version: '3.5'
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: always
command:
- "--api.insecure=true"
- "--providers.docker=true"
networks:
- traefik_network
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik_network"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
- "traefik.http.routers.traefik.rule=Host(`traefik.local.host`)"
- "traefik.http.routers.traefik.middlewares=traefik"
- "traefik.http.middlewares.traefik.basicauth.users=test:$$apr1$$1pmerTx$$qsMzjTuYTHyEn12LKmteghC."
- "traefik.http.middlewares.traefik.basicauth.removeheader=true"
networks:
traefik_network:
name: traefik_network
What do i need to do to have basic auth work for the traefik v2 dashboard when am behind AWS elb???
Issue was me, all looks good but i needed to use port 80, not 8080!!!
version: '3.5'
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: always
command:
- "--api.insecure=true"
- "--providers.docker=true"
networks:
- traefik_network
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik_network"
- "traefik.http.services.traefik.loadbalancer.server.port=80"
- "traefik.http.routers.traefik.rule=Host(`traefik.local.host`)"
- "traefik.http.routers.traefik.middlewares=traefik"
- "traefik.http.middlewares.traefik.basicauth.users=test:$$apr1$$1pmerTx$$qsMzjTuYTHyEn12LKmteghC."
- "traefik.http.middlewares.traefik.basicauth.removeheader=true"
networks:
traefik_network:
name: traefik_network
I had two container frontend (nginx :80) and backend (nodejs :3000).
I'm trying to redirect all path to my frontend : localhost/* to my frontend
Except one path to my backend API : localhost/v1/* to my backend
I secure my database container (mongodb) by allowing only communication with my backend
Here is my docker-compose.yml (I'm only using this)
version: '3'
services:
traefik:
image: traefik:v2.3
container_name: traefik
command:
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
ports:
- "8080:8080"
- "443:443"
- "80:80"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
frontend:
image: registry.gitlab.com/test/frontend
container_name: frontend
build:
context: ../frontend/.
labels:
- traefik.enable=true
- traefik.http.routers.frontend.rule=PathPrefix(`/`)
- traefik.http.routers.frontend.entrypoints=web
networks:
- traefik-network
backend:
image: registry.gitlab.com/test/backend
container_name: backend
build:
context: ../backend/.
labels:
- traefik.enable=true
- traefik.http.routers.backend.rule=PathPrefix(`/v1`)
- traefik.http.routers.backend.service=backend
- traefik.http.routers.backend.entrypoints=web
- traefik.http.services.backend.loadbalancer.server.port=3000
command: yarn start
environment:
- MONGODB_URL=mongodb://mongodb:27017/backend
depends_on:
- mongodb
volumes:
- ../backend/.:/usr/src/backend
networks:
- traefik-network
- backend-network
mongodb:
image: mongo:4.2.1-bionic
container_name: mongodb
ports:
- 27017:27017
volumes:
- dbdata:/data/db
networks:
- backend-network
volumes:
dbdata:
networks:
backend-network:
traefik-network:
The problem is...
If the frontend (backend and traefik too) is turned on
the paths to localhost/* work (this is what I want),
but the paths to localhost/v1/* don't work (Problem here!).
If the frontend is turned off but traefik and backend is turned on
the paths to localhost/* don't work (of course, that's right),
but the paths to localhost/v1/* work (of course, this is what I want).
I've tried a lot of solutions but nothing seems to work the way I want it to.
What did I misunderstand?
Thanks for helping,
Have a nice day
Try to add the following labels to the backend service
- "traefik.http.routers.backend.rule=Host(`servicex.me`) && Path(`/v1`)"
and frontend
- traefik.http.routers.frontend.rule=Host(`servicex.me`)
you also need to add this line to your /etc/hosts
127.0.0.1 servicex.me
and make sure that you stop and start the services
Complete Example
version: '3'
services:
traefik:
image: traefik:v2.3
container_name: traefik
command:
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
ports:
- "8080:8080"
- "443:443"
- "80:80"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
frontend:
image: registry.gitlab.com/test/frontend
container_name: frontend
build:
context: ../frontend/.
labels:
- traefik.enable=true
- traefik.http.routers.frontend.rule=Host(`servicex.me`)
- traefik.http.routers.frontend.entrypoints=web
- traefik.http.routers.frontend.service=frontend
- traefik.http.services.frontend.loadbalancer.server.port=80
networks:
- traefik-network
backend:
image: registry.gitlab.com/test/backend
container_name: backend
build:
context: ../backend/.
labels:
- traefik.enable=true
- "traefik.http.routers.backend.rule=Host(`servicex.me`) && Path(`/v1`)"
- traefik.http.routers.backend.service=backend
- traefik.http.routers.backend.entrypoints=web
- traefik.http.services.backend.loadbalancer.server.port=3000
command: yarn start
environment:
- MONGODB_URL=mongodb://mongodb:27017/backend
depends_on:
- mongodb
volumes:
- ../backend/.:/usr/src/backend
networks:
- traefik-network
- backend-network
mongodb:
image: mongo:4.2.1-bionic
container_name: mongodb
ports:
- 27017:27017
volumes:
- dbdata:/data/db
networks:
- backend-network
volumes:
dbdata:
networks:
backend-network:
traefik-network:
BTW, why do you need both traefik and nginx (Both are doing the same job), it would be better if you can replace one with another.
I added this label to my containers
traefik.docker.network=traefik-network
It works fine now
We are trying to configure api and frontend with docker-compose using Traefik and we need that both applications are exposed by domain.
With this configuration we get 404 but commented "frontend" lines make api works.
In Traefik dashboard we can see both applications in "HTTP Services" tab as loadbalancer but we have no routers in "Routers" tab.
What we miss?
We also tried using "network" with no luck (receive "gateway time out").
version: "3.3"
services:
traefik:
image: "traefik:latest"
restart: always
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.email=myemail" # Let's Encrypt email
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
db:
image: mysql:latest
volumes:
- db_data:/var/lib/mysql
restart: always
container_name: "db"
environment:
MYSQL_ROOT_PASSWORD: mypassword
MYSQL_DATABASE: mydb
MYSQL_USER: myuser
MYSQL_PASSWORD: mypassword
ports:
- "32769:3306"
api:
image: "myregistry/myimage:latest"
restart: always
container_name: "api"
labels:
- "traefik.enable=true"
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
- traefik.http.routers.web.middlewares=redirect-to-https
- traefik.http.routers.web.rule=Host(`mydomainapi`)
- traefik.http.routers.web.entrypoints=web
- "traefik.http.routers.websecure.rule=Host(`mydomainapi`)"
- "traefik.http.routers.websecure.entrypoints=websecure"
- "traefik.http.routers.websecure.tls.certresolver=letsencrypt"
depends_on:
- db
frontend:
image: "myregistry/myimagefrontend:latest"
restart: always
container_name: "frontend"
labels:
- "traefik.enable=true"
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
- traefik.http.routers.web.middlewares=redirect-to-https
- traefik.http.routers.web.rule=Host(`mydomainfrontend`)
- traefik.http.routers.web.entrypoints=web
- "traefik.http.routers.websecure.rule=Host(`mydomainfrontend`)"
- "traefik.http.routers.websecure.entrypoints=websecure"
- "traefik.http.routers.websecure.tls.certresolver=letsencrypt"
depends_on:
- api
volumes:
db_data:
driver: local