Hej everyone. My traefik setup has been up and running for a few months now. I love it, a bit scary to switch at first, but I encourage you to look at, if you haven’t. Middelwares are amazing: I mostly use it for CrowdSec and authentication. Theres two things I could use some feedback, though.


  1. I mostly use docker labels to setup routers in traefik. Some people only define on router (HTTP) and some both (+ HTTPS) and I did the latter.
- labels
      - traefik.enable=true
      - traefik.http.routers.jellyfin.entrypoints=web
      - traefik.http.routers.jellyfin.rule=Host(`jellyfin.local.domain.de`)
      - traefik.http.middlewares.jellyfin-https-redirect.redirectscheme.scheme=https
      - traefik.http.routers.jellyfin.middlewares=jellyfin-https-redirect
      - traefik.http.routers.jellyfin-secure.entrypoints=websecure
      - traefik.http.routers.jellyfin-secure.rule=Host(`jellyfin.local.domain.de`)
      - traefik.http.routers.jellyfin-secure.middlewares=local-whitelist@file,default-headers@file
      - traefik.http.routers.jellyfin-secure.tls=true
      - traefik.http.routers.jellyfin-secure.service=jellyfin
      - traefik.http.services.jellyfin.loadbalancer.server.port=8096
      - traefik.docker.network=media

So, I don’t want to serve HTTP at all, all will be redirected to HTTPS anyway. What I don’t know is, if I can skip the HTTP part. Must I define the web entrypoint in order for redirect to work? Or can I define it in the traefik.yml as I did below?

entryPoints:
  ping:
    address: ':88'
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
  websecure:
    address: ":443"

  1. I use homepage (from benphelps) as my dashboard and noticed, that when I refresh the page, all those widgets take a long time to load. They did not do that, when I connecte homepage to those services directly using IP:PORT. Now I use URLs provided by traefik, and it’s slow. It’s not really a problem, but I wonder, if I made a mistake somewhere. I’m still a beginner when it comes to this, so any pointers in the right direction are apprecciated. Thank you =)
  • mbirth@lemmy.mbirth.uk
    link
    fedilink
    English
    arrow-up
    2
    ·
    8 months ago

    I think the redirect must go into the dynamic configuration, not the static one. But yes, you can setup a generic redirect. I did it like this:

    http:
    
      routers:
    
        redirect-https:
          rule: HostRegexp(`{catchall:.*}`) 
          entrypoints: web
          middlewares: redirect-https
          service: dummy
    
      services:
    
        dummy:
          loadbalancer:
            servers:
              - url: "about:blank"
    

    This is in a file 010-redirect-https.yml in my Traefik’s dynamic configuration directory. And it works for all http URLs.

    • Pete90@feddit.deOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      8 months ago

      I didn’t even know that you could have a whole dynamic config directory, I just use one file. I’m guessing I can just as well put it there? And the dummy service simply acts as a place holder?

      • mbirth@lemmy.mbirth.uk
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        Exactly! It didn’t work without providing any service item, so I had to specify something.

        I use the dynamic configuration to add some static routes to other devices and non-Docker services in my local network.