I have several containers (nextcloud, mariadb, vaultwarden...), including Traefik for a reverse proxy.
I use Traefik to access my NAS too, which is another device on my LAN (192.168.0.27). I want to use it even to access my router's interface (192.168.0.1).
It works fine for all the containers and the NAS but there is an error Bad Gateway when I try to log in to my router's interface : I can put my login and password in the fields but when I validate there is an error Bad Gateway.
docker-compose.yml:
version: '3.7'
services:
traefik:
container_name: traefik
image: traefik:latest
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./certs/:/letsencrypt/
- ./conf/traefik.yml:/etc/traefik/traefik.yml:ro
- ./dynamic/:/etc/traefik/config/:ro
- ./logs/traefik.log:/var/log/traefik/logs/traefik.log
- ./logs/traefik_access.log:/var/log/traefik/traefik_access.log
- ./credentials/:/credentials/:ro
networks:
traefik_lan:
wan:
mariadb:
ports:
- '80:80'
- '443:443'
labels:
traefik.enable: True
traefik.docker.network: wan
traefik.http.routers.traefik.middlewares: authentication@file,SecHeader@file
traefik.http.routers.traefik.rule: Host(`traefik.mydomain.xyz`)
traefik.http.routers.traefik.service: api@internal
traefik.http.routers.traefik.tls: True
traefik.http.routers.traefik.tls.certresolver: certbot
providers.docker.network: wan
traefik.http.routers.nas.entrypoints: web_secure
traefik.http.routers.nas.rule: Host(`nas.mydomain.xyz`)
traefik.http.routers.nas.service: nas@file
traefik.http.routers.nas.tls: true
traefik.http.routers.nas.tls.certresolver: certbot
traefik.http.routers.box.entrypoints: web_secure
traefik.http.routers.box.rule: Host(`box.mydomain.xyz`)
traefik.http.routers.box.service: box@file
traefik.http.routers.box.tls: true
traefik.http.routers.box.tls.certresolver: certbot
networks:
traefik_lan:
external: True
wan:
external: True
mariadb:
driver: bridge
external: True
traefik.yml:
global:
sendAnonymousUsage: false
entryPoints:
web:
address: ':80'
http:
redirections:
entryPoint:
to: web_secure
web_secure:
address: ':443'
http:
middlewares:
- SecHeader@file
api:
dashboard: True
insecure: False
log:
filePath: /var/log/traefik/logs/traefik.log
format: common
level: INFO
accessLog:
filePath: /var/log/traefik/traefik_access.log
providers:
docker:
exposedByDefault: False
file:
directory: /etc/traefik/config/
certificatesResolvers:
certbot:
acme:
email: [email protected]
keyType: 'RSA4096'
storage: /letsencrypt/acme.json
httpChallenge:
entryPoint: web"
traefik.log (DEBUG):
time="2023-11-16T20:26:31Z" level=debug msg="http: TLS handshake error from 192.241.200.70:46852: tls: client offered only unsupported versions: [302 301]"
time="2023-11-16T20:26:41Z" level=debug msg="Request has been aborted [92.88.255.51:34812 - /menu/jquery.min.js]: net/http: abort Handler" middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2023-11-16T20:26:45Z" level=debug msg="Request has been aborted [92.88.255.51:34812 - /menu/jquery.min.js]: net/http: abort Handler" middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2023-11-16T20:26:52Z" level=debug msg="'502 Bad Gateway' caused by: read tcp 172.18.0.3:39218->192.168.0.1:80: read: connection reset by peer"
I tried to indicate network and port like said here: Traefik > "Bad gateway" (error 502) for some containers but the container Traefik doesn't work any more (the way isn't exactly the same as described in this link because I want to redirect to LAN and not to docker containers)
The conf is exactly the same for accessing my NAS and there is no problem with my NAS.