Please note that it is a Traefik V2 question. I had a solution on V1 but V2 is a total revamp.
This above is supposed to redirect http://whoami.mysite.com to https://whoami.mysite.com.
- The https is working nicely.
- The http doesn't redirect to https and raises an error 404.
There is no other file. All is in this Docker-compose.yml for the moment since it is a test to prepare further deployment.
```yaml
version: "3.3"
services:
  traefik:
    image: "traefik:v2.0"
    container_name: "traefik"
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web-secure.address=:443"
      - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
      - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web-secure"
      #- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.myhttpchallenge.acme.email=me@mail.com"
      - "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
    labels:
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
  whoami:
    image: "containous/whoami"
    container_name: "whoami"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.mysite.com`)"
      - "traefik.http.routers.whoami.entrypoints=web"
      - "traefik.http.routers.whoami.middlewares=redirect-to-https@docker"
      - "traefik.http.routers.whoami-secured.rule=Host(`whoami.mysite.com`)"
      - "traefik.http.routers.whoami-secured.entrypoints=web-secure"
      - "traefik.http.routers.whoami-secured.tls=true"
      - "traefik.http.routers.whoami-secured.tls.certresolver=myhttpchallenge"
```
There is now a working solution in a tutorial from Gérald Croës at:
https://blog.containo.us/traefik-2-0-docker-101-fc2893944b9d
I suggest taking a look at the docs: Entrypoint redirect 80 > 443
This worked for me and is the best solution if you want all traffic redirected from port 80 to 443.
Hope that helps ;o)
Ok, found... I assumed that middlewares could be declared at Traefik level but these have to be declared at service level.
This line:
Has to be in the labels of the whoami service.
Another point, that is not related to the problem described, is that the http challenge has to be done on port 80.
Remove the "secure" in "web-secure".
I was searching for this answer when I was looking for how to redirect everything to HTTPS via Traefik v2.2, and the best option for me was adding these ENV variables to Traefik, and it automatically redirects all traffic to HTTPS.
With this I have no need to add anything to the middleware. More information about that feature can be found in the official documentation.
You don't need to configure the Traefik service itself. On Traefik you only need to have entrypoints to :443 (web-secure) and :80 (web).
Because Traefik only acts as entryPoint and will not do the redirect, the middleware on the target service will do that.
Now configure your target service as follows:
So basically the flow goes like this:
Request: http://sub.domain.com:80 --> traefik (service) --> mywebserver-web (router, http rule) --> mywebserver-redirect-web-secure (middleware, redirect to https) --> mywebserver-web-secure (router, https rule) --> mywebserver (service)
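The flow above, written out as Docker labels in an added example that is not part of the original answers. The router and middleware names come from the flow; the `mywebserver` image, the use of `sub.domain.com` in the Host rules and the trimmed Traefik command list are assumptions, and the HTTP challenge is bound to the `web` entrypoint as the earlier answer notes:

```yaml
# Added example, reduced to the settings the redirect depends on.
version: "3.3"
services:
  traefik:
    image: "traefik:v2.0"
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web-secure.address=:443"
      - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
      # The HTTP challenge is answered on port 80, so it uses "web".
      - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.myhttpchallenge.acme.email=me@mail.com"
      - "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
  mywebserver:
    image: "containous/whoami"   # placeholder backend (assumption)
    labels:
      - "traefik.enable=true"
      # Router on :80 whose only job is to attach the redirect middleware.
      - "traefik.http.routers.mywebserver-web.rule=Host(`sub.domain.com`)"
      - "traefik.http.routers.mywebserver-web.entrypoints=web"
      - "traefik.http.routers.mywebserver-web.middlewares=mywebserver-redirect-web-secure"
      # Middleware declared in the target service's own labels.
      - "traefik.http.middlewares.mywebserver-redirect-web-secure.redirectscheme.scheme=https"
      # Router on :443 that terminates TLS and reaches the service.
      - "traefik.http.routers.mywebserver-web-secure.rule=Host(`sub.domain.com`)"
      - "traefik.http.routers.mywebserver-web-secure.entrypoints=web-secure"
      - "traefik.http.routers.mywebserver-web-secure.tls=true"
      - "traefik.http.routers.mywebserver-web-secure.tls.certresolver=myhttpchallenge"
```

Checking `curl -sI http://sub.domain.com` for a redirect status with a `Location: https://sub.domain.com/` header, rather than a 404, confirms that the port 80 router and its middleware were both picked up.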