How to redirect http to https with Traefik 2.0 and Docker Compose labels?

docker docker-compose traefik
Xiiryo picture Xiiryo · Oct 12, 2019 · Viewed 33.5k times · Source

Please note that it is a Traefik V2 question. I had a solution on V1 but V2 is a total rewamp.

This above is supposed to redirect http://whoami.mysite.com to https://whoami.mysite.com.

  • The https is working nicely.
  • The http don't redirect to https and raise an error 404.

There is no other file. All is in this Docker-compose.yml for the moment since it is a test to prepare further deployement.

version: "3.3"

services:

  traefik:
    image: "traefik:v2.0"
    container_name: "traefik"
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web-secure.address=:443"
      - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
      - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web-secure"
      #- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "[email protected]"
      - "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
    labels:
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

  whoami:
    image: "containous/whoami"
    container_name: "whoami"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.mysite.com`)"
      - "traefik.http.routers.whoami.entrypoints=web"
      - "traefik.http.routers.whoami.middlewares=redirect-to-https@docker"
      - "traefik.http.routers.whoami-secured.rule=Host(`whoami.mysite.com`)"
      - "traefik.http.routers.whoami-secured.entrypoints=web-secure"
      - "traefik.http.routers.whoami-secured.tls=true"
      - "traefik.http.routers.whoami-secured.tls.certresolver=myhttpchallenge"

Answer

Cellcore picture Cellcore · May 20, 2020

I suggest to take a look here at the docs Entrypoint redirect 80 > 443

This worked for me and is the best solution if you want all traffic redirected from port 80 to 443.

--entrypoints.web.address=:80
--entrypoints.web.http.redirections.entryPoint.to=websecure
--entrypoints.web.http.redirections.entryPoint.scheme=https
--entrypoints.web.http.redirections.entrypoint.permanent=true
--entrypoints.websecure.address=:443

NOTE:

there are so many examples around. Just take a look at websecure.

Sometimes it is written web-secure.

Hope that helps ;o)

Related questions

Editing Files inside of a Docker Container

How can I edit the config files that are inside of a docker container that has been downloaded on the host? I am using this tutorial but I am not sure where to find and edit the traefik.toml file

Read More
Routing paths with Traefik

Currently I'm trying set up a loadbalancer/reverse proxy with Traefik for some docker containers. I'm having trouble with configuring Treafik to make my apps available using a some prefix paths. I'm able to get a basic Traefik configuration running …

Read More
Traefik routing to both known and wildcard subdomain on a single domain

Is it possible to have a wildcard subdomain that does not include a specific subdomain? *.mydomain.com OK login.mydomain.com SKIP I cannot access my login container when using a wildcard on my app container. Below is an image …

Read More