Develop Reference

How to setup Nginx with Traefik

I need help,
I tried it a long time but I didn't manage to setup Nginx with Traefik.
Docker-compose:
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme.json:/acme.json
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`blockworldhd.net`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=jan:3065jAnjAn"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`blockworldhd.net`)"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=http"
- "traefik.http.routers.traefik-secure.service=api#internal"
Nginx:
image: nginx:latest
container_name: web
labels:
- traefik.backend=Nginx-Pro
- traefik.frontend.passHostHeader
- traefik.frontend.rule=Host:webkonferenz.blockworldhd.net
- traefik.docker.network=proxy
- "traefik.port=80"
- "traefik.frontend.entryPoints=http"
networks:
- proxy
volumes:
- /var/www/nginx-pro/:/var/www/
- /etc/nginx/nginx-pro/:/etc/nginx
proxy:
external: true
Every time when I try to go on the website there is: 404 page not found
What can I do?
Thanks for help!
Jan

You have to configure routers and service label for Nginx container
try something like this
labels:
- "traefik.enable=true"
- "traefik.http.routers.nginx.entrypoints=http"
- "traefik.http.routers.nginx.rule=Host(`######`)
- "traefik.http.services.nginx.loadbalancer.server.port=80"

traefik v2 dashboard basic auth not working behind AWS elb

I have my traefik v2 setup and when i try to access the dashboard which is behind AWS elb, the basic auth doe not work. But the same configu works when i hit traefik directly
here is what my config looks like
version: '3.5'
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: always
command:
- "--api.insecure=true"
- "--providers.docker=true"
networks:
- traefik_network
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik_network"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
- "traefik.http.routers.traefik.rule=Host(`traefik.local.host`)"
- "traefik.http.routers.traefik.middlewares=traefik"
- "traefik.http.middlewares.traefik.basicauth.users=test:$$apr1$$1pmerTx$$qsMzjTuYTHyEn12LKmteghC."
- "traefik.http.middlewares.traefik.basicauth.removeheader=true"
networks:
traefik_network:
name: traefik_network
What do i need to do to have basic auth work for the traefik v2 dashboard when am behind AWS elb???

Issue was me, all looks good but i needed to use port 80, not 8080!!!
version: '3.5'
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: always
command:
- "--api.insecure=true"
- "--providers.docker=true"
networks:
- traefik_network
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik_network"
- "traefik.http.services.traefik.loadbalancer.server.port=80"
- "traefik.http.routers.traefik.rule=Host(`traefik.local.host`)"
- "traefik.http.routers.traefik.middlewares=traefik"
- "traefik.http.middlewares.traefik.basicauth.users=test:$$apr1$$1pmerTx$$qsMzjTuYTHyEn12LKmteghC."
- "traefik.http.middlewares.traefik.basicauth.removeheader=true"
networks:
traefik_network:
name: traefik_network

Why am I unable to route to my API backend with Traefik

I had two container frontend (nginx :80) and backend (nodejs :3000).
I'm trying to redirect all path to my frontend : localhost/* to my frontend
Except one path to my backend API : localhost/v1/* to my backend
I secure my database container (mongodb) by allowing only communication with my backend
Here is my docker-compose.yml (I'm only using this)
version: '3'
services:
traefik:
image: traefik:v2.3
container_name: traefik
command:
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
ports:
- "8080:8080"
- "443:443"
- "80:80"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
frontend:
image: registry.gitlab.com/test/frontend
container_name: frontend
build:
context: ../frontend/.
labels:
- traefik.enable=true
- traefik.http.routers.frontend.rule=PathPrefix(`/`)
- traefik.http.routers.frontend.entrypoints=web
networks:
- traefik-network
backend:
image: registry.gitlab.com/test/backend
container_name: backend
build:
context: ../backend/.
labels:
- traefik.enable=true
- traefik.http.routers.backend.rule=PathPrefix(`/v1`)
- traefik.http.routers.backend.service=backend
- traefik.http.routers.backend.entrypoints=web
- traefik.http.services.backend.loadbalancer.server.port=3000
command: yarn start
environment:
- MONGODB_URL=mongodb://mongodb:27017/backend
depends_on:
- mongodb
volumes:
- ../backend/.:/usr/src/backend
networks:
- traefik-network
- backend-network
mongodb:
image: mongo:4.2.1-bionic
container_name: mongodb
ports:
- 27017:27017
volumes:
- dbdata:/data/db
networks:
- backend-network
volumes:
dbdata:
networks:
backend-network:
traefik-network:
The problem is...
If the frontend (backend and traefik too) is turned on
the paths to localhost/* work (this is what I want),
but the paths to localhost/v1/* don't work (Problem here!).
If the frontend is turned off but traefik and backend is turned on
the paths to localhost/* don't work (of course, that's right),
but the paths to localhost/v1/* work (of course, this is what I want).
I've tried a lot of solutions but nothing seems to work the way I want it to.
What did I misunderstand?
Thanks for helping,
Have a nice day

Try to add the following labels to the backend service
- "traefik.http.routers.backend.rule=Host(`servicex.me`) && Path(`/v1`)"
and frontend
- traefik.http.routers.frontend.rule=Host(`servicex.me`)
you also need to add this line to your /etc/hosts
127.0.0.1 servicex.me
and make sure that you stop and start the services
Complete Example
version: '3'
services:
traefik:
image: traefik:v2.3
container_name: traefik
command:
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
ports:
- "8080:8080"
- "443:443"
- "80:80"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
frontend:
image: registry.gitlab.com/test/frontend
container_name: frontend
build:
context: ../frontend/.
labels:
- traefik.enable=true
- traefik.http.routers.frontend.rule=Host(`servicex.me`)
- traefik.http.routers.frontend.entrypoints=web
- traefik.http.routers.frontend.service=frontend
- traefik.http.services.frontend.loadbalancer.server.port=80
networks:
- traefik-network
backend:
image: registry.gitlab.com/test/backend
container_name: backend
build:
context: ../backend/.
labels:
- traefik.enable=true
- "traefik.http.routers.backend.rule=Host(`servicex.me`) && Path(`/v1`)"
- traefik.http.routers.backend.service=backend
- traefik.http.routers.backend.entrypoints=web
- traefik.http.services.backend.loadbalancer.server.port=3000
command: yarn start
environment:
- MONGODB_URL=mongodb://mongodb:27017/backend
depends_on:
- mongodb
volumes:
- ../backend/.:/usr/src/backend
networks:
- traefik-network
- backend-network
mongodb:
image: mongo:4.2.1-bionic
container_name: mongodb
ports:
- 27017:27017
volumes:
- dbdata:/data/db
networks:
- backend-network
volumes:
dbdata:
networks:
backend-network:
traefik-network:
BTW, why do you need both traefik and nginx (Both are doing the same job), it would be better if you can replace one with another.

I added this label to my containers
traefik.docker.network=traefik-network
It works fine now

configure traefik as reverse proxy with docker

I am trying to configure traefik to connect between my 3 docker containers.
I tried with this configuration but I got net::ERR_NAME_NOT_RESOLVED on my browser console.
searchservice:
hostname: searchservice
image: searchservice:0.0.3-SNAPSHOT
container_name: searchservice
networks:
- es-network
#ipv4_address: 172.21.0.12
ports:
- 8070:8080
restart: always
depends_on:
- elasticsearch
- reverseproxy
labels:
- "traefik.frontend.rule=PathPrefix:/searchservice,Host:localhost"
- "traefik.port: 8070"
- "traefik.enable=true"
subscriber-service:
hostname: subscriber-service
image: subscriberservice:0.0.4-SNAPSHOT
container_name: subscriber-service
networks:
- es-network
#ipv4_address: 172.21.0.13
ports:
- 8090:8090
restart: always
depends_on:
- mongo1
- mongo2
- reverseproxy
labels:
- "traefik.frontend.rule=PathPrefix:/api,Host:localhost"
- "traefik.port: 8090"
- "traefik.enable=true"
searchappfront:
hostname: searchappfront
image: frontservice:latest
container_name: searchappfront
networks:
- es-network
ports:
- 80:80
restart: always
depends_on:
- subscriber-service
- searchservice
- reverseproxy
labels:
- "traefik.frontend.rule=PathPrefix:/"
- "traefik.enable=true"
- "traefik.port=80"
# - "traefik.frontend.rule=Host:localhost"
reverseproxy:
image: traefik:v2.1
command:
- '--providers.docker=true'
- '--entryPoints.web.address=:80'
- '--providers.providersThrottleDuration=2s'
- '--providers.docker.watch=true'
- '--providers.docker.defaultRule=Host("local.me")'
- '--accessLog.bufferingSize=0'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
#ports:
# - '80:80'
# - '8080:8080'
The searchappfront is an angular application where the http endPoints have this pattern
http://subscriber-service:8090/
http://searchservice:8070/
if I use localhost instead of hostnames, requests work fine but I need to deploy these containers in a cloud instance.

You are using traefik 2, but your annotation is for traefik 1. This is not going to work.

Request with Symfony HttpClient returns code 0, when the same request with postman works fine

I have a weird problem where a request I make (to my mercure hub) with postman works fine, however the Publisher class (from the Symfony mercure bundle), which uses the Symfony HttpClient will yield in a response code 0.
According to my research that means that the URL can't be found, or no Response was returned?
I first thought it might have to do something with the Publisher class itself, which is why opened this Issue on Github, but after some playing around I thought that maybe there is a communication error with my containers? I tried giving my mercure container "networks: internal", which some other containers use aswell, but that didn't help either.
Any ideas are greatly appreciated..
/e: my docker-compose:
version: "3"
services:
traefik:
image: traefik:v1.7
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./.docker/traefik/traefik.toml:/etc/traefik/traefik.toml
networks:
- proxy
labels:
- traefik.enable=true
- traefik.docker.network=proxy
- traefik.frontend.rule=Host:traefik.heracles.local
- traefik.port=8080
nginx:
image: nginx:1.17-alpine
volumes:
- ./Source:/var/www
- ./.docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf
links:
- php
networks:
- internal
- proxy
labels:
- traefik.docker.network=proxy
- traefik.enable=true
- traefik.basic.frontend.rule=Host:heracles.local
- traefik.basic.port=80
php:
build:
args:
USER_ID: ${USER_ID}
context: ./.docker/php
volumes:
- ./Source:/var/www
- ./.docker/php/conf/cli.ini:/etc/php/7.4/cli/conf.d/zz-symfony.ini
- ./.docker/php/conf/fpm.ini:/etc/php/7.4/fpm/conf.d/zz-symfony.ini
- ./.docker/php/conf/xdebug.ini:/etc/php/7.4/fpm/conf.d/zz-xdebug.ini
- ./.docker/php/conf/opcache.ini:/etc/php/7.4/fpm/conf.d/zz-opcache.ini
- ./.docker/php/conf/pool.conf:/etc/php/7.4/fpm/pool.d/www.conf
networks:
- internal
labels:
- traefik.enable=false
db:
image: mysql:5.7
env_file:
- .env
volumes:
- db_data:/var/lib/mysql
- ./.docker/mysql/conf.d:/etc/mysql/conf.d
command:
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_unicode_ci
- --skip-character-set-client-handshake
networks:
- internal
labels:
- traefik.enable=false
restart: always
adminer:
image: adminer
networks:
- internal
- proxy
labels:
- traefik.docker.network=proxy
- traefik.enable=true
- traefik.basic.frontend.rule=Host:db.heracles.local
- traefik.basic.port=8080
blackfire:
image: blackfire/blackfire
networks:
- internal
labels:
- traefik.enable=false
mailhog:
image: mailhog/mailhog
networks:
- internal
- proxy
labels:
- traefik.docker.network=proxy
- traefik.enable=true
- traefik.basic.frontend.rule=Host:mail.heracles.local
- traefik.basic.port=8025
mercure:
image: dunglas/mercure
environment:
- ALLOW_ANONYMOUS=1
- CORS_ALLOWED_ORIGINS=*
- JWT_KEY=ASD
- PUBLISH_ALLOWED_ORIGINS=http://heracles.local
- ADDR=:3000
ports:
- 3000:3000
networks:
internal:
proxy:
external: true
volumes:
db_data:

In reference to your comment, your MERCURE_PUBLISH_URL .env variable must indeed refer to your Mercure container, but there's no need for the port indication. If the name of your Mercure container is "mercure", the environment variable should be set like so :
MERCURE_PUBLISH_URL=http://mercure/.well-known/mercure
(Replace http by https if your connection is secured)

Alright guys it's working now. In fact the correct url is
MERCURE_PUBLISH_URL=http://mercure:3000/.well-known/mercure
So if you're using Docker Containers make sure to pass the correct host + the port and give your mercure containers the network of your other containers (internal in my case).