boilerplates
boilerplates copied to clipboard
ChristianLempa
Traefik - Unable to access web GUI - VPS
Hello all,
I am trying to follow the traefik tutorial to spin up on my VPS in Hetnzer. And I am running into some problems. I was able to follow the tutorial to the point where I can deploy the stack in portainer and it appears to be running without issue, but when I attempt to navigate to the web GUI's I am unable to access it.
First I thought it was DNS so I tried navigating straight to the hetnzer provided IP with the ports but no dice. Double checked the VPS to ensure the appropriate ports are open and unless I am misconstruing UFW it should be working. But here is the output of my firewall rules as it stands, so perhaps someone can double check my work:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
2230 ALLOW IN Anywhere
9090/tcp ALLOW IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
8080/tcp ALLOW IN Anywhere
Below is the output of my docker-compose.yml file:
version: '3'
services:
traefik:
image: "traefik:v2.5"
container_name: "traefik"
ports:
- "80:80"
- "443:443"
# (Optional) Expose Dashboard
#- "8080:8080" # Don't do this in production!
volumes:
- /etc/traefik:/etc/traefik
- /var/run/docker.sock:/var/run/docker.sock:ro
And finally here is the traefik configuration file:
global:
checkNewVersion: true
sendAnonymousUsage: false # true by default
# (Optional) Log information
# ---
# log:
# level: ERROR # DEBUG, INFO, WARNING, ERROR, CRITICAL
# format: common # common, json, logfmt
# filePath: /var/log/traefik/traefik.log
# (Optional) Accesslog
# ---
# accesslog:
# format: common # common, json, logfmt
# filePath: /var/log/traefik/access.log
# (Optional) Enable API and Dashboard
# ---
# api:
# dashboard: true # true by default
# insecure: true # Don't do this in production!
# Entry Points configuration
# ---
entryPoints:
web:
address: :80
(Optional) Redirect to HTTPS
# ---
# http:
# redirections:
# entryPoint:
# to: websecure
# scheme: https
websecure:
address: :443
# Configure your CertificateResolver here...
---
certificatesResolvers:
staging:
acme:
email: [email protected]
storage: /etc/traefik/certs/acme.json
caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
httpChallenge:
entryPoint: web
production:
acme:
email: [email protected]
storage: /etc/traefik/certs/acme.json
caServer: "https://acme-v02.api.letsencrypt.org/directory"
httpChallenge:
entryPoint: web
# (Optional) Overwrite Default Certificates
# tls:
# stores:
# default:
# defaultCertificate:
# certFile: /etc/traefik/certs/cert.pem
# keyFile: /etc/traefik/certs/cert-key.pem
# (Optional) Disable TLS version 1.0 and 1.1
# options:
# default:
# minVersion: VersionTLS12
providers:
docker:
exposedByDefault: false # Default is true
file:
# watch for dynamic configuration changes
directory: /etc/traefik
watch: true
Any ideas on what might be going on? This is a head scratcher, not a huge concern as this is just for labbing.
You have some errors in your traefik.yml:
- you didn't uncomment the lines for accessing the WebUI, you need to uncomment the api, dashboard, and insecure lines if you're following the tutorial
- there's a space before "certificatesResolvers" which will cause traefik to get an error like "command traefik error: yaml: line 24: did not find expected key"
Also, you didn't uncomment port 8080 in your docker-compose file either.
ufw may have the port open but it seems nothing is listening on it. Try checking the container logs for traefik in portainer to see if there are any errors, the space before the cert line was causing mine to error out and not load the dashboard.
