I currently have docker mounted on a debian machine. To be able to access the different services I have Traefik 2 working as a reverse proxy.
The problem that arises for me is that I need to access other machines outside of docker from outside my network, but I am not sure how to configure it in Traefik 2. My debian machine has an IP of 10.10.10.3 and I need to access other machines (10.10.10.3 :8088, 10.10.10.7, 10.10.10.10, etc) but I can't.
I use a file in túfik (rules.yml) where I thought I had to add this, but I'm missing something that doesn't work. I get a 404 Page Not Found error when trying to access through omv.domain.eu
As I currently have the rules.yml file I can access omv.dominio.eu (without a certificate that is) but to access the proxmox machine (10.10.10.7:8006 / pve.dominio.eu) I get a message "Bad gateway ".
This is what I get with wget:
root@debian:~# wget https://pve.dominio.eu
--2020-04-27 20:06:04-- https://pve.dominio.eu/
Resolving pve.dominio.eu (pve.dominio.eu)... 9X.123.45.135
Connecting to pve.dominio.eu (pve.dominio.eu)|9X.123.45.135|:443... connected.
ERROR: The certificate of 'pve.dominio.eu' is not trusted.
ERROR: The certificate of 'pve.dominio.eu' doesn't have a known issuer.
The certificate's owner does not match hostname 'pve.dominio.eu'
This is the content of that rules file:
http:
routers:
router0:
rule: Host(`omv.dominio.eu`)
# entryPoints:
# - http
# middlewares:
# - https-redirect
service: omv
# will terminate the TLS request
tls: {}
#tls:
# passthrough: true
router1:
rule: Host(`pve.dominio.eu`)
service: pve
tls: {}
services:
omv:
loadBalancer:
servers:
scheme: https
- url: http://10.10.10.3:8088
passHostHeader: true
pve:
loadBalancer:
servers:
scheme: https
- url: http://10.10.10.7:8006
passHostHeader: true
middlewares:
https-redirect:
redirectScheme:
scheme: https
default-headers:
headers:
frameDeny: true
sslRedirect: true
browserXssFilter: true
contentTypeNosniff: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
default-whitelist:
ipWhiteList:
sourceRange:
- "10.0.0.0/24"
- "192.168.0.0/16"
- "172.0.0.0/8"
secured:
chain:
middlewares:
- default-whitelist
- default-headers
Any help is welcome. Thanks.
I add information: I have managed to access the machine 10.10.10.3:8088 (without TSL that is, but it does not worry me much). Instead I need to access another machine with Proxmox with IP 10.10.10.7:8006 and I get the message "Bad gateway" when trying to access from outside the network: I edit my question with more data.
Good,
After a time of testing I publish here the solution I found.
The first thing is to reference the "config.yml" file from the "traefik.yml" file and add it as a file provider :
Next, in the config.yml file, add proxmox as a TCP service and not as HTTP:
Leaving my config.yml file like this:
With this we get access from outside our network. Although it will tell us that the certificate is not valid, we can at least access it.
Greetings.