网上有很多解决方案可以解决我的问题,因此我在这里询问是否有人可以发现我的错误。
基于此评论here,这应该将www指向非www:
- traefik.frontend.rule=Host:example.com,www.example.com
- traefik.frontend.redirect.regex=^https?://www.example.com/(.*)
- traefik.frontend.redirect.replacement=https://example.com/$${1}
因此,我只是翻转了行为以实现用例。请参见下面的标签块。
但是它不起作用。当前行为是:
http://example.com-> https://example.com(出乎意料)
https://example.com-> https://example.com(出乎意料)
http://www.example.com-> https://www.example.com(GTG)
https://www.example.com-> https://www.example.com(GTG
我希望所有内容都指向https://www.example.com
这是我的docker-compose文件:
version: "2"
services:
app:
build:
context: .
dockerfile: Dockerfile-SSR-AngularApp
environment:
- PORT=5200
restart: always
networks:
- web
- default
expose:
- "5200"
labels:
- traefik.enable=true
- traefik.docker.network=web
- traefik.basic.port=5200
- traefik.basic.frontend.rule=Host:www.example.com,example.com
- traefik.frontend.redirect.regex=^https?://example.com/?(.*) # I flipped these from the example to meet my use case
- traefik.frontend.redirect.replacement=https://www.example.com$${1}
- traefik.frontend.redirect.permanent=true
- traefik.frontend.headers.SSLRedirect=true
- traefik.frontend.headers.SSLForceHost=true
- traefik.frontend.headers.SSLHost=www.example.com
networks:
web:
external: true
我的正则表达式对我来说也很好,Regex101
关于为什么此配置无法按预期工作的任何想法?
更新:
这些是我从这些请求中得到的答复:
curl --head http://example.com
HTTP/1.1 302 Found -> This is the redirect from http to https
Location: https://example.com:443/
Date: Tue, 05 Mar 2019 14:30:29 GMT
Content-Length: 5
Content-Type: text/plain; charset=utf-8
curl --head https://example.com
HTTP/2 200 -> NO REDIRECT, should be 301
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2019 14:32:16 GMT
etag: W/"74c55-CIDAqU2YBPjLVCS1Hegttk4cLvI"
vary: Accept-Encoding
x-powered-by: Express
content-length: 478293
这是我的traefik.toml文件:
debug = false
logLevel = "ERROR"
defaultEntryPoints = ["https","http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
compress = true
[entryPoints.https.tls]
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "www.example.com"
watch = true
exposedByDefault = false
[acme]
email = "me@example.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
这是我最后得到的解决方案
debug = false
logLevel = "ERROR"
defaultEntryPoints = ["https","http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
#entryPoint = "https"
regex = "^http://example.com/(.*)"
replacement = "https://www.example.com/$1"
[entryPoints.https]
address = ":443"
compress = true
[entryPoints.https.redirect]
regex = "^https://example.com/(.*)"
replacement = "https://www.example.com/$1"
[entryPoints.https.tls]
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "www.example.com"
watch = true
exposedByDefault = false
[acme]
email = "me@example.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
答案 0 :(得分:0)
设置traefik.frontend.headers.SSLRedirect=false或Traefik会将所有http请求的重定向规则添加到与https相同的请求中,然后再应用正则表达式。
来自Traefik docker documentation:
traefik.frontend.headers.SSLRedirect=true强制前端 如果发送了非SSL请求,则重定向到SSL。
答案 1 :(得分:0)
对于我的解决方案,我最终在docker-compose文件的labels块中废弃了该方法。如果有人提出解决方案,我很感兴趣。但是,与此同时,我想出了一种适用于我的简单案例的解决方案。我不在容器上执行重定向,而是在我的traefik.toml配置文件中的Traefik入口处执行该重定向:
debug = false
logLevel = "ERROR"
defaultEntryPoints = ["https","http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
#entryPoint = "https"
regex = "^http://example.com/(.*)"
replacement = "https://www.example.com/$1"
[entryPoints.https]
address = ":443"
compress = true
[entryPoints.https.redirect]
regex = "^https://example.com/(.*)"
replacement = "https://www.example.com/$1"
[entryPoints.https.tls]
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "www.example.com"
watch = true
exposedByDefault = false
[acme]
email = "me@example.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"