如何使用 traefik 使内容同时显示在 www 和非 www url 上
How to make content to show on both www and non-www urls using traefik
感谢您的关注,我很着急。任何帮助都会很棒。
目前用户无法达到 www.example.com 但他们可以达到 example.com.
两者都可以:
1) 接受来自 WWW 和非 www url 的所有流量并提供相同的内容。
2) 将用户从 WWW 重定向到非 www url 以显示内容。
注意:使用了 Let's Encrypt
我现在的配置是
traefik.toml
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.dashboard]
address = ":8080"
[entryPoints.dashboard.auth]
[entryPoints.dashboard.auth.basic]
users = ["admin:key"]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
regex = "^https://www.(.*)"
replacement = "https://"
permanent=true
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[api]
entrypoint="dashboard"
[acme]
email = "mail@gmail.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[[acme.domains]]
main = "*.example.com"
sans = ["example.com"]
[[acme.domains]]
main = "*.example1.com"
sans = ["example1.com"]
[docker]
domain = "example.com"
watch = true
network = "proxy"`
docker-compose.yml:
version: '2'
services:
traefik:
image: traefik
restart: always
command: --docker
ports:
- 80:80
- 443:443
networks:
- proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- $PWD/traefik.toml:/traefik.toml
- $PWD/acme.json:/acme.json
container_name: trefik
environment:
DO_AUTH_TOKEN: TOKEN
labels:
- traefik.frontend.rule=Host:monitor.example.com
- traefik.port=8080
example1:
image: wordpress:4.7.5-apache
restart: always
environment:
WORDPRESS_DB_PASSWORD: something
labels:
- traefik.backend=example1
- traefik.frontend.rule=Host:example1.com
- traefik.docker.network=proxy
- traefik.port=80
networks:
- internal
- proxy
depends_on:
- mysql
example:
image: tutum/apache-php
restart: always
labels:
- traefik.backend=example
- traefik.frontend.rule=Host:example.com, www.example.com
- traefik.docker.network=proxy
- traefik.port=80
networks:
- internal
- proxy
编辑#1:
Your config Redirects:
http://example.com => [no redirect]
https://www.example.com => [timeout]
http://www.example.com => [timeout]
http://example.com => [no redirect]
My Config Redirects:
http://example.com => https://example.com:443/
https://www.example.com => [timeout]
http://www.example.com => [timeout]
http://example.com => https://example.com:443/
- 您不能在同一入口点同时使用重定向
entrypoint 和 regex。
Please note that regex and replacement do not have to be set in the redirect structure if an entrypoint is defined for the redirection (they will not be used in this case).
https://docs.traefik.io/v1.7/configuration/entrypoints/#redirect-http-to-https
- 无法通过 HTTP 质询获取通配符证书:https://docs.traefik.io/v.7/configuration/acme/#wildcard-domains
您必须使用 DNS 质询 https://docs.traefik.io/v1.7/configuration/acme/#dnschallenge(已编辑)
在你问之前:你不能同时使用两者(HTTP 质询和 DNS 质询)。
编辑
我将用 2 个简单的配置来说明重定向(自签名证书而不是 acme,但它是一回事)。
这 2 个配置无需任何更改即可工作,您只需要执行 docker-compose up。
请注意,重定向对 HTTP 质询 (ACME) 没有影响。
去除 www 和 HTTPS 重定向
目标:
$ curl --insecure -L http://www.whoami.docker.localhost
# http://www.whoami.docker.localhost -> https://whoami.docker.localhost
$ curl --insecure -L https://www.whoami.docker.localhost
# https://www.whoami.docker.localhost -> https://whoami.docker.localhost
$ curl --insecure -L http://whoami.docker.localhost
# http://whoami.docker.localhost -> https://whoami.docker.localhost
$ curl --insecure -L https://whoami.docker.localhost
# https://whoami.docker.localhost -> https://whoami.docker.localhost
我。没有 TOML 的示例:(docker-compose.yml)
version: "3"
services:
reverseproxy:
image: traefik:v1.7.8
command:
- --logLevel=INFO
- --defaultentrypoints=http,https
- --entrypoints=Name:http Address::80 Redirect.Regex:^http://(?:www\.)?(.+) Redirect.Replacement:https://$ Redirect.Permanent:true
- --entrypoints=Name:https Address::443 TLS Redirect.Regex:^https://www\.(.+) Redirect.Replacement:https://$ Redirect.Permanent:true
- --docker
- --docker.domain=docker.localhost
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
whoami:
image: containous/whoami
labels:
- "traefik.frontend.rule=Host:whoami.docker.localhost"
二. TOML 示例:(docker-compose.yml + traefik.toml)
version: "3"
services:
reverseproxy:
image: traefik:v1.7.8
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./traefik.toml:/traefik.toml
whoami:
image: containous/whoami
labels:
- "traefik.frontend.rule=Host:whoami.docker.localhost"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
regex = "^http://(?:www\.)?(.+)"
replacement = "https://"
permanent = true
[entryPoints.https]
address = ":443"
[entryPoints.https.redirect]
regex = "^https://www\.(.+)"
replacement = "https://"
permanent = true
[entryPoints.https.tls]
[api]
[docker]
domain = "docker.localhost"
感谢您的关注,我很着急。任何帮助都会很棒。 目前用户无法达到 www.example.com 但他们可以达到 example.com.
两者都可以:
1) 接受来自 WWW 和非 www url 的所有流量并提供相同的内容。
2) 将用户从 WWW 重定向到非 www url 以显示内容。
注意:使用了 Let's Encrypt
我现在的配置是
traefik.toml
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.dashboard]
address = ":8080"
[entryPoints.dashboard.auth]
[entryPoints.dashboard.auth.basic]
users = ["admin:key"]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
regex = "^https://www.(.*)"
replacement = "https://"
permanent=true
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[api]
entrypoint="dashboard"
[acme]
email = "mail@gmail.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[[acme.domains]]
main = "*.example.com"
sans = ["example.com"]
[[acme.domains]]
main = "*.example1.com"
sans = ["example1.com"]
[docker]
domain = "example.com"
watch = true
network = "proxy"`
docker-compose.yml:
version: '2'
services:
traefik:
image: traefik
restart: always
command: --docker
ports:
- 80:80
- 443:443
networks:
- proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- $PWD/traefik.toml:/traefik.toml
- $PWD/acme.json:/acme.json
container_name: trefik
environment:
DO_AUTH_TOKEN: TOKEN
labels:
- traefik.frontend.rule=Host:monitor.example.com
- traefik.port=8080
example1:
image: wordpress:4.7.5-apache
restart: always
environment:
WORDPRESS_DB_PASSWORD: something
labels:
- traefik.backend=example1
- traefik.frontend.rule=Host:example1.com
- traefik.docker.network=proxy
- traefik.port=80
networks:
- internal
- proxy
depends_on:
- mysql
example:
image: tutum/apache-php
restart: always
labels:
- traefik.backend=example
- traefik.frontend.rule=Host:example.com, www.example.com
- traefik.docker.network=proxy
- traefik.port=80
networks:
- internal
- proxy
编辑#1:
Your config Redirects:
http://example.com => [no redirect]
https://www.example.com => [timeout]
http://www.example.com => [timeout]
http://example.com => [no redirect]
My Config Redirects:
http://example.com => https://example.com:443/
https://www.example.com => [timeout]
http://www.example.com => [timeout]
http://example.com => https://example.com:443/
- 您不能在同一入口点同时使用重定向
entrypoint和regex。
Please note that
regexandreplacementdo not have to be set in the redirect structure if an entrypoint is defined for the redirection (they will not be used in this case).https://docs.traefik.io/v1.7/configuration/entrypoints/#redirect-http-to-https
- 无法通过 HTTP 质询获取通配符证书:https://docs.traefik.io/v.7/configuration/acme/#wildcard-domains
您必须使用 DNS 质询 https://docs.traefik.io/v1.7/configuration/acme/#dnschallenge(已编辑) 在你问之前:你不能同时使用两者(HTTP 质询和 DNS 质询)。
编辑
我将用 2 个简单的配置来说明重定向(自签名证书而不是 acme,但它是一回事)。
这 2 个配置无需任何更改即可工作,您只需要执行 docker-compose up。
请注意,重定向对 HTTP 质询 (ACME) 没有影响。
去除 www 和 HTTPS 重定向
目标:
$ curl --insecure -L http://www.whoami.docker.localhost
# http://www.whoami.docker.localhost -> https://whoami.docker.localhost
$ curl --insecure -L https://www.whoami.docker.localhost
# https://www.whoami.docker.localhost -> https://whoami.docker.localhost
$ curl --insecure -L http://whoami.docker.localhost
# http://whoami.docker.localhost -> https://whoami.docker.localhost
$ curl --insecure -L https://whoami.docker.localhost
# https://whoami.docker.localhost -> https://whoami.docker.localhost
我。没有 TOML 的示例:(docker-compose.yml)
version: "3"
services:
reverseproxy:
image: traefik:v1.7.8
command:
- --logLevel=INFO
- --defaultentrypoints=http,https
- --entrypoints=Name:http Address::80 Redirect.Regex:^http://(?:www\.)?(.+) Redirect.Replacement:https://$ Redirect.Permanent:true
- --entrypoints=Name:https Address::443 TLS Redirect.Regex:^https://www\.(.+) Redirect.Replacement:https://$ Redirect.Permanent:true
- --docker
- --docker.domain=docker.localhost
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
whoami:
image: containous/whoami
labels:
- "traefik.frontend.rule=Host:whoami.docker.localhost"
二. TOML 示例:(docker-compose.yml + traefik.toml)
version: "3"
services:
reverseproxy:
image: traefik:v1.7.8
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./traefik.toml:/traefik.toml
whoami:
image: containous/whoami
labels:
- "traefik.frontend.rule=Host:whoami.docker.localhost"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
regex = "^http://(?:www\.)?(.+)"
replacement = "https://"
permanent = true
[entryPoints.https]
address = ":443"
[entryPoints.https.redirect]
regex = "^https://www\.(.+)"
replacement = "https://"
permanent = true
[entryPoints.https.tls]
[api]
[docker]
domain = "docker.localhost"