How to redirect http to https with Traefik 2.0 and Docker Compose labels?
I suggest to take a look here at the docs Entrypoint redirect 80 > 443
This worked for me and is the best solution if you want all traffic redirected from port 80 to 443.
--entrypoints.web.address=:80--entrypoints.web.http.redirections.entryPoint.to=websecure--entrypoints.web.http.redirections.entryPoint.scheme=https--entrypoints.web.http.redirections.entrypoint.permanent=true--entrypoints.websecure.address=:443
NOTE:
there are so many examples around. Just take a look at websecure.
Sometimes it is written web-secure.
Hope that helps ;o)
There is now a working solution in a tutorial from Gérald Croës at:
https://blog.containo.us/traefik-2-0-docker-101-fc2893944b9d
services: traefik: image: "traefik:v2.0.0" # ... labels: # ... # middleware redirect - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" # global redirect to https - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)" - "traefik.http.routers.redirs.entrypoints=web" - "traefik.http.routers.redirs.middlewares=redirect-to-https"
You don't need to configure the Traefik service itself. On Traefik you only need to have entrypoints to :443 (web-secure) and :80 (web)
Because Traefik only acts as entryPoint and will not do the redirect, the middleware on the target service will do that.
Now configure your target service as the following:
version: '2'services: mywebserver: image: 'httpd:alpine' container_name: mywebserver labels: - traefik.enable=true - traefik.http.middlewares.mywebserver-redirect-web-secure.redirectscheme.scheme=https - traefik.http.routers.mywebserver-web.middlewares=mywebserver-redirect-web-secure - traefik.http.routers.mywebserver-web.rule=Host(`sub.domain.com`) - traefik.http.routers.mywebserver-web.entrypoints=web - traefik.http.routers.mywebserver-web-secure.rule=Host(`sub.domain.com`) - traefik.http.routers.mywebserver-web-secure.tls.certresolver=mytlschallenge - traefik.http.routers.mywebserver-web-secure.tls=true - traefik.http.routers.mywebserver-web-secure.entrypoints=web-secure # if you have multiple ports exposed on the service, specify port in the web-secure service - traefik.http.services.mywebserver-web-secure.loadbalancer.server.port=9000
So basically the flow goes like this:
Request: http://sub.domain.com:80 --> traefik (service) --> mywebserver-web (router, http rule) --> mywebserver-redirect-web-secure (middleware, redirect to https) --> mywebserver-web-secure (router, https rule) --> mywebserver (service)