如何解决Traefik:所有子目录都返回 404
首先,提前感谢您的观看。我想我在某处犯了一个非常基本的错误,但我已经搜索了几个小时没有结果。我正在尝试运行概念验证以在子目录中的 traefik 2.4 反向代理后面公开容器。我的 DDNS 不允许使用子域,所以我一直在使用子目录,直到我能证明它有效。
我的问题是我站起来的每个容器都被 traefik 动态拾取并显示在仪表板中,但是子目录给出了 404 错误。我什至使用 PathPrefix 和正则表达式来防止结束/错误。
这是我的配置。
Traefik 的 docker-compose:
version: '3'
services:
traefik:
image: traefik:v2.4
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- t2_proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme.json:/acme.json
- ./data/log:/var/log
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`domain.host.com`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=user:password"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`domain.host.com`)"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=http"
- "traefik.http.routers.traefik-secure.service=api@internal"
fail2ban:
image: crazymax/fail2ban:latest
container_name: fail2ban
network_mode: "host"
cap_add:
- NET_ADMIN
- NET_RAW
volumes:
# - /var/log:/var/log:ro
- ./fail2ban/data:/data
- ./data/log:/var/log:ro
networks:
t2_proxy:
external: true
这是我的 traefik.yml 配置文件:
api:
dashboard: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
certificatesResolvers:
http:
acme:
email: email@email.com
storage: acme.json
httpChallenge:
entrypoint: http
log:
filePath: "/var/log/traefik.log"
level: DEBUG
accessLog:
filePath: "var/log/access.log"
filters:
statusCodes:
- "400-499"
retryAttempts: true
这是我尝试公开的第一个概念验证容器。它只是一个单独的 docker-compose 中的 portainer:
version: '3'
services:
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- t2_proxy
ports:
- "9000:9000"
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data:/data
labels:
- "traefik.enable=true"
#web routers
- "traefik.http.routers.portainer.entrypoints=http"
- "traefik.http.routers.portainer.rule=Host(`domain.host.com`) && PathPrefix(`/portainer`)"
#- "traefik.http.routers.portainer.rule=Host(`domain.host.com`) && PathPrefix(`/portainer{regex:$$|/.*}`)"
#- "traefik.http.routers.portainer.rule=Path(`/portainer`)"
#- "traefik.http.routers.portainer.rule=PathPrefix(`/portainer{regex:$$|/.*}`)"
#middlewares
#- "traefik.http.routers.portainer.middlewares=portainer-stripprefix"
#- "traefik.http.middlewares.portainer-stripprefix.stripprefix.prefixes=/portainer"
- "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.portainer.middlewares=portainer-https-redirect"
#web secure rpiters
- "traefik.http.routers.portainer-secure.entrypoints=https"
- "traefik.http.routers.portainer-secure.rule=Host(`domain.host.com`) && PathPrefix(`/portainer`)"
#- "traefik.http.routers.portainer-secure.rule=Host(`domain.host.com`) && PathPrefix(`/portainer{regex:$$|/.*}`)"
#- "traefik.http.routers.portainer-secure.rule=Path(`/portainer`)"
#- "traefik.http.routers.portainer-secure.rule=PathPrefix(`/portainer{regex:$$|/.*}`)"
#- "traefik.http.routers.portainer-secure.middlewares=chain-basic-auth@users"
- "traefik.http.routers.portainer-secure.tls=true"
- "traefik.http.routers.portainer-secure.tls.certresolver=http"
- "traefik.http.routers.portainer-secure.service=portainer"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
- "traefik.docker.network=t2_proxy"
networks:
t2_proxy:
external: true
总而言之,我导航到 domain.host.com,它通过将我重定向到 domain.host.com/dashboard 来正常运行。但是,当我访问 domain.host.com/portiner 时,它会出现 404 错误。
如果我应该发布任何其他详细信息,请告诉我。我感觉我遗漏了一些非常明显的配置,因为这是我第一次使用 Traefik。再次感谢您的帮助!
解决方法
对于未来的谷歌员工
好的,我今晚想通了。感谢 reddit.com/traefik 用户 /u/Quafeinum 的帮助!我实际上在这里阅读了指南:https://spad.uk/practical-configuration-of-traefik-as-a-reverse-proxy-for-docker/ by spad on linuxserver.io 这帮助我更好地理解了标签。问题的关键是
traefik.http.services.whoami-whoami.loadbalancer.server.scheme=https
不管它做什么,它都出现在所有示例中,我无意识地复制了它(这里有一个警示故事)。删除它后,容器现在可以在 HTTPS 上正确公开。已通过 portainer 和 whoami 验证。
这是指向相关 docker-composes 和 yamls 的 pastebin 的链接。这将得到一个功能正常的 traefik,它通过 HTTPS 动态加载 docker 容器 whoami。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
