我正在使用docker-compose来启动某些服务,并使用traefik作为反向代理。我已经正确配置了http到https重定向,但是www到非www的重定向无法正常工作,我不确定是否做错了什么。这里是配置的摘要:
version: "3.3"
services:
traefik:
image: "traefik:v2.1"
container_name: "traefik"
restart: always
logging:
driver: "json-file"
options:
max-size: "50m"
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.email=myemail@gmail.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "./data/letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`traefik_dashboard.mydomain.com`)"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.middlewares.traefik-auth.basicauth.users=admin:somepass"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
myservice:
image: prestashop/prestashop:1.7
restart: always
container_name: "myservice"
logging:
driver: "json-file"
options:
max-size: "50m"
labels:
- "traefik.enable=true"
- "traefik.http.routers.myservice.rule=Host(`myservice.com`)"
- "traefik.http.routers.myservice.entrypoints=websecure"
- "traefik.http.routers.myservice.tls.certresolver=letsencrypt"
- "traefik.http.routers.myservice.middlewares=redirect-to-https"
- "traefik.http.routers.cdn_myservice.rule=Host(`cdn.myservice.com`)"
- "traefik.http.routers.cdn_myservice.entrypoints=websecure"
- "traefik.http.routers.cdn_myservice.tls.certresolver=letsencrypt"
- "traefik.http.routers.cdn_myservice.middlewares=redirect-to-https"
- "traefik.http.routers.www_myservice.rule=Host(`www.myservice.com`)"
- "traefik.http.routers.www_myservice.entrypoints=web"
- "traefik.http.middlewares.www_myservice-redirect.redirectregex.regex=^https?://www\\.myservice\\.com(.*)"
- "traefik.http.middlewares.www_myservice-redirect.redirectregex.replacement=http://myservice.com$${1}"
- "traefik.http.middlewares.www_myservice-redirect.redirectregex.permanent=true"
- "traefik.http.routers.www_myservice.middlewares=www_myservice-redirect"
答案 0 :(得分:0)
我想知道它是否对正则表达式有些古怪,或者是如何从Docker传递给Traefik的–我尝试并放弃使用redirectregex,但是我能够use SSLForceHost fine:
- "traefik.http.routers.myservice.rule=Host(`myservice.com`, `www.myservice.com`)"
- "traefik.http.routers.myservice.middlewares=${STACK_NAME}-redirect"
- "traefik.http.middlewares.myservice-redirect.headers.SSLForceHost=true"
- "traefik.http.middlewares.myservice-redirect.headers.SSLHost=myservice.com"
这会将重定向合并到主服务上(即不将其添加到www_myservice中);我个人在traefik.yml中设置了全局HTTP→HTTPS重定向,但我想应该可以按服务将其按服务进行工作,只需确保SSLForceHost在启用SSL的服务器上!