kelin/EZ-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix remote server Traefik configuration

Browse Source 
- Add ports 80/443 to remote Traefik template
- Enable API access (insecure=true) for debugging
- Update configure_remote_server_routing to use HTTP-only config
  - Change entrypoint from websecure to web
  - Remove TLS cert resolver references
  - Remove authelia middleware references
- Replace Docker TLS provider with manual HTTP routes
  - Core Traefik now uses file provider with direct URLs
  - Fixes 404/gateway timeout errors on remote services
  - Routes HTTPS from core to HTTP on remote servers
- Fix port in routes (dozzle uses 8085, not 8082)

Resolves issues with remote server service accessibility.
This commit is contained in:
Kelin
2026-02-07 20:43:34 -05:00
parent 63a837f8e9
commit 72d3d8b38f
3 changed files with 127 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docker-compose/traefik/docker-compose.yml
View File

@@ -10,7 +10,7 @@ services:
restart: unless-stopped restart: unless-stopped
command: command:
- '--api.dashboard=true' - '--api.dashboard=true'
- '--api.insecure=false' - '--api.insecure=true' # Allow API access on port 8080
- '--providers.docker=true' - '--providers.docker=true'
- '--providers.docker.exposedbydefault=false' - '--providers.docker.exposedbydefault=false'
- '--providers.docker.network=traefik-network' - '--providers.docker.network=traefik-network'
@@ -23,6 +23,8 @@ services:
environment: environment:
- TZ=America/New_York - TZ=America/New_York
ports: ports:
- '80:80' # HTTP entrypoint
- '443:443' # HTTPS entrypoint
- '8080:8080' # Dashboard (optional, for debugging) - '8080:8080' # Dashboard (optional, for debugging)
volumes: volumes:
- ./config:/config - ./config:/config

80
scripts/common.sh
View File

@@ -308,7 +308,7 @@ EOF
debug_log "Sablier middleware config written to $output_file" debug_log "Sablier middleware config written to $output_file"
} }
# Register remote server with core Traefik # Register remote server with core Traefik using manual HTTP routes
add_remote_server_to_traefik() { add_remote_server_to_traefik() {
local server_ip="$1" local server_ip="$1"
local server_hostname="$2" local server_hostname="$2"
@@ -334,14 +334,78 @@ add_remote_server_to_traefik() {
mkdir -p "$traefik_dynamic_dir" mkdir -p "$traefik_dynamic_dir"
fi fi
# Generate provider configuration # Generate manual HTTP routes for remote server services
local provider_file="${traefik_dynamic_dir}/docker-provider-${server_hostname}.yml" # This uses the file provider with direct service URLs instead of Docker provider
generate_traefik_provider_config "$server_ip" "$server_hostname" "$provider_file" local routes_file="${traefik_dynamic_dir}/${server_hostname}-server-routes.yml"
# Generate Sablier middleware configuration cat > "$routes_file" <<EOF
# Manual Routes for Remote Server: $server_hostname
# Auto-generated by EZ-Homelab
# Last updated: $(date '+%Y-%m-%d %H:%M:%S')
#
# These routes proxy HTTPS traffic from core Traefik to HTTP services on remote server
http:
routers:
dockge-${server_hostname}:
rule: "Host(\`dockge.${server_hostname}.kelinreij.duckdns.org\`)"
service: dockge-${server_hostname}-service
entrypoints:
- websecure
tls:
certResolver: letsencrypt
glances-${server_hostname}:
rule: "Host(\`glances.${server_hostname}.kelinreij.duckdns.org\`)"
service: glances-${server_hostname}-service
entrypoints:
- websecure
tls:
certResolver: letsencrypt
dozzle-${server_hostname}:
rule: "Host(\`dozzle.${server_hostname}.kelinreij.duckdns.org\`)"
service: dozzle-${server_hostname}-service
entrypoints:
- websecure
tls:
certResolver: letsencrypt
traefik-${server_hostname}:
rule: "Host(\`traefik.${server_hostname}.kelinreij.duckdns.org\`)"
service: traefik-${server_hostname}-service
entrypoints:
- websecure
tls:
certResolver: letsencrypt
services:
dockge-${server_hostname}-service:
loadBalancer:
servers:
- url: "http://${server_ip}:5001"
glances-${server_hostname}-service:
loadBalancer:
servers:
- url: "http://${server_ip}:61208"
dozzle-${server_hostname}-service:
loadBalancer:
servers:
- url: "http://${server_ip}:8085"
traefik-${server_hostname}-service:
loadBalancer:
servers:
- url: "http://${server_ip}:8080"
EOF
log_success "Generated manual routes for remote server: $routes_file"
log_info "Core Traefik will route HTTPS traffic to HTTP services on $server_hostname"
log_info "Traefik will auto-reload configurations within 2 seconds"
# Generate Sablier middleware configuration (if needed for on-demand services)
local sablier_file="${traefik_dynamic_dir}/sablier-middleware-${server_hostname}.yml" local sablier_file="${traefik_dynamic_dir}/sablier-middleware-${server_hostname}.yml"
generate_sablier_middleware_config "$server_hostname" "$server_ip" "$sablier_file" generate_sablier_middleware_config "$server_hostname" "$server_ip" "$sablier_file"
log_success "Registered remote server $server_hostname with core Traefik"
log_info "Traefik will auto-reload configurations within 2 seconds"
} }

71
scripts/ez-homelab.sh
View File

@@ -1900,32 +1900,62 @@ configure_remote_server_routing() {
local server_name="$SERVER_HOSTNAME" local server_name="$SERVER_HOSTNAME"
# Update dockge with server-specific subdomain # Update dockge with server-specific subdomain and HTTP-only configuration
if [ -f "/opt/dockge/docker-compose.yml" ]; then if [ -f "/opt/dockge/docker-compose.yml" ]; then
sed -i "s/Host(\`dockge\.kelinreij\.duckdns\.org\`)/Host(\`dockge.${server_name}.kelinreij.duckdns.org\`)/" /opt/dockge/docker-compose.yml 2>/dev/null sed -i "s/Host(\`dockge\.\${DOMAIN}\`)/Host(\`dockge.${server_name}.kelinreij.duckdns.org\`)/" /opt/dockge/docker-compose.yml 2>/dev/null
sed -i "s/'traefik.enable=false'/'traefik.enable=true'/" /opt/dockge/docker-compose.yml 2>/dev/null sed -i "s/'traefik.enable=false'/'traefik.enable=true'/" /opt/dockge/docker-compose.yml 2>/dev/null
log_info "✓ Dockge: dockge.${server_name}.kelinreij.duckdns.org" # Change to web entrypoint (HTTP-only for remote servers)
sed -i "s/entrypoints=websecure/entrypoints=web/" /opt/dockge/docker-compose.yml 2>/dev/null
# Remove TLS cert resolver (not needed for remote)
sed -i "/traefik.http.routers.dockge.tls.certresolver/d" /opt/dockge/docker-compose.yml 2>/dev/null
# Remove authelia middleware (not available on remote)
sed -i "/traefik.http.routers.dockge.middlewares=authelia@docker/d" /opt/dockge/docker-compose.yml 2>/dev/null
log_info "✓ Dockge: dockge.${server_name}.kelinreij.duckdns.org (HTTP)"
fi fi
# Update infrastructure services (dozzle, glances) # Update infrastructure services (dozzle, glances) with HTTP-only configuration
if [ -f "/opt/stacks/infrastructure/docker-compose.yml" ]; then if [ -f "/opt/stacks/infrastructure/docker-compose.yml" ]; then
sed -i "s/Host(\`dozzle\.[^.]*\.kelinreij\.duckdns\.org\`)/Host(\`dozzle.${server_name}.kelinreij.duckdns.org\`)/" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null # Update hostnames
sed -i "s/Host(\`glances\.[^.]*\.kelinreij\.duckdns\.org\`)/Host(\`glances.${server_name}.kelinreij.duckdns.org\`)/" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null sed -i "s/Host(\`dozzle\.\${DOMAIN}\`)/Host(\`dozzle.${server_name}.kelinreij.duckdns.org\`)/" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null
log_info "✓ Dozzle: dozzle.${server_name}.kelinreij.duckdns.org" sed -i "s/Host(\`glances\.\${DOMAIN}\`)/Host(\`glances.${server_name}.kelinreij.duckdns.org\`)/" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null
log_info "✓ Glances: glances.${server_name}.kelinreij.duckdns.org"
# Change to web entrypoint (HTTP-only for remote servers)
sed -i "s/traefik.http.routers.dozzle.entrypoints=websecure/traefik.http.routers.dozzle.entrypoints=web/" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null
sed -i "s/traefik.http.routers.glances.entrypoints=websecure/traefik.http.routers.glances.entrypoints=web/" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null
# Remove TLS configuration
sed -i "/traefik.http.routers.dozzle.tls=/d" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null
sed -i "/traefik.http.routers.glances.tls=/d" /opt/stacks/infrastructure/docker-compose.yml 2>/dev/null
log_info "✓ Dozzle: dozzle.${server_name}.kelinreij.duckdns.org (HTTP)"
log_info "✓ Glances: glances.${server_name}.kelinreij.duckdns.org (HTTP)"
# Disable sablier routing (no web UI) # Disable sablier routing (no web UI)
sed -i "s/'traefik.enable=true'/'traefik.enable=false'/g" /opt/stacks/sablier/docker-compose.yml 2>/dev/null sed -i "s/'traefik.enable=true'/'traefik.enable=false'/g" /opt/stacks/sablier/docker-compose.yml 2>/dev/null
log_info "✓ Sablier: Traefik disabled (no web UI)" log_info "✓ Sablier: Traefik disabled (no web UI)"
fi fi
# Update Traefik dashboard route # Update Traefik dashboard route to use HTTP
if [ -f "/opt/stacks/traefik/dynamic/routes.yml" ]; then if [ -f "/opt/stacks/traefik/dynamic/routes.yml" ]; then
sed -i "s/Host(\`traefik\.[^.]*\.kelinreij\.duckdns\.org\`)/Host(\`traefik.${server_name}.kelinreij.duckdns.org\`)/" /opt/stacks/traefik/dynamic/routes.yml 2>/dev/null cat > "/opt/stacks/traefik/dynamic/routes.yml" <<EOF
log_info "✓ Traefik Dashboard: traefik.${server_name}.kelinreij.duckdns.org" # Traefik Dynamic Routes for Remote Server
# Auto-generated by EZ-Homelab
#
# This file is watched by Traefik and reloaded automatically
# Add custom routes here if needed
http:
routers:
traefik-dashboard:
rule: "Host(\`traefik.${server_name}.kelinreij.duckdns.org\`)"
entryPoints:
- web
service: api@internal
EOF
log_info "✓ Traefik Dashboard: traefik.${server_name}.kelinreij.duckdns.org (HTTP)"
fi fi
log_success "Server-specific routing configured" log_success "Server-specific routing configured (HTTP-only for remote servers)"
} }
# Copy all stacks for remote server (except core) # Copy all stacks for remote server (except core)
@@ -2010,8 +2040,8 @@ deploy_traefik_stack() {
# Create placeholder routes.yml file in dynamic directory # Create placeholder routes.yml file in dynamic directory
if [ ! -f "$traefik_dir/dynamic/routes.yml" ]; then if [ ! -f "$traefik_dir/dynamic/routes.yml" ]; then
log_info "Creating placeholder routes.yml..." log_info "Creating Traefik dashboard route for remote server..."
cat > "$traefik_dir/dynamic/routes.yml" <<'ROUTESYML' cat > "$traefik_dir/dynamic/routes.yml" <<EOF
# Traefik Dynamic Routes for Remote Server # Traefik Dynamic Routes for Remote Server
# Auto-generated by EZ-Homelab # Auto-generated by EZ-Homelab
# #
@@ -2019,11 +2049,14 @@ deploy_traefik_stack() {
# Add custom routes here if needed # Add custom routes here if needed
http: http:
routers: {} routers:
services: {} traefik-dashboard:
middlewares: {} rule: "Host(\`traefik.${SERVER_HOSTNAME}.kelinreij.duckdns.org\`)"
ROUTESYML entryPoints:
log_success "Created routes.yml" - web
service: api@internal
EOF
log_success "Created routes.yml with dashboard route"
fi fi
# Verify docker-compose.yml exists # Verify docker-compose.yml exists