cvjoint / traefik2 Goto Github PK
View Code? Open in Web Editor NEWTraefik v2: docker-compose repo
License: MIT License
Traefik v2: docker-compose repo
License: MIT License
I've been trying and failing to bypass forward auth on the API calls for FreshRSS. Using a setup similar to your Sonarr and Radarr compose files doesn't seem to work with FreshRSS;
- "traefik.http.routers.freshrss-rtr-bypass.rule=Host(`freshrss.$DOMAINNAME`) && (Headers(`X-Api-Key`, `$FRESHRSS_API_KEY`) || Query(`Passwd`, `$FRESHRSS_API_KEY`))"
With the above set, the following seems to successfully authenticate when using a browser or Postman;
https://freshrss.$DOMAINNAME/api/greader.php/accounts/ClientLogin?Email=xxx&Passwd=$FRESHRSS_API_KEY
but when adding to an RSS reader like Fiery Feeds or Reeder it doesn't work. I used an HTTP monitor and the call from the RSS apps seem to trigger authelia.
The following works but I'd rather not do this;
- "traefik.http.routers.freshrss-rtr-bypass.rule=Host(`freshrss.$DOMAINNAME`) && PathPrefix(`/api`)"
Any suggestions appreciated,
Thanks.
According to that issue you shouldn't use authelia middleware (like you do in secure-chain) to secure authelia because it will keep redirecting you until your request headers are too big for traefik.
If I use network_mode: "container:pia"
or network_mode: "service:pia"
to route a container through the pia container, I can no longer connect to the routed container using ip:port
from other machines on the local network.
If I add the port of the routed container to the pia container, I am then able to connect to the routed container from the host machine using localhost:port
but still not from other machines on the network.
In the rutorrent
example in ymlfiles/pia.yml
, is it possible to connect to rutorrent from other machines on the network using ip:port
. If so, how? Thanks.
Edit: I realise what's happening now. The pia container has traefik labels for rutorrent and I can now connect from the local network using ip:port.
A few further questions;
network_mode: "service:pia"
or should I use separate pia containers for each other service?What toml's files need to be in the rules folder
In ymlfiles/bitwarden.yml
you have the Authelia label. With this on I'm unable to login to BitWarden using the iOS app, it just crashes. If I disable auth, it works. Is this just so people don't unwittingly expose BitWarden or are you able to use Authelia and still login using the BitWarden mobile apps? Thanks.
I'm using your config in a docker container with Traefikv2 but TLS negotiation is failing....any ideas?
2020-04-23T19:45:06.254712145Z 2020-04-23 19:45:06.254574 [info] VPN_ENABLED defined as 'yes'
2020-04-23T19:45:06.292974932Z 2020-04-23 19:45:06.292825 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/gw2.atl3.slickvpn.com.ovpn
2020-04-23T19:45:06.302457705Z dos2unix: converting file /config/openvpn/gw2.atl3.slickvpn.com.ovpn to Unix format...
2020-04-23T19:45:06.333174151Z 2020-04-23 19:45:06.333035 [info] VPN remote line defined as 'gw2.atl3.slickvpn.com 443 udp'
2020-04-23T19:45:06.365964775Z 2020-04-23 19:45:06.365792 [info] VPN_REMOTE defined as 'gw2.atl3.slickvpn.com'
2020-04-23T19:45:06.402278610Z 2020-04-23 19:45:06.402117 [info] VPN_PORT defined as '443'
2020-04-23T19:45:06.433175632Z 2020-04-23 19:45:06.432991 [info] VPN_PROTOCOL defined as 'udp'
2020-04-23T19:45:06.463870158Z 2020-04-23 19:45:06.463738 [info] VPN_DEVICE_TYPE defined as 'tun0'
2020-04-23T19:45:06.496232271Z 2020-04-23 19:45:06.496066 [info] LAN_NETWORK defined as '10.0.0.1/24'
2020-04-23T19:45:06.528128873Z 2020-04-23 19:45:06.527995 [info] NAME_SERVERS defined as '1.1.1.1,1.0.0.1'
2020-04-23T19:45:06.556027443Z 2020-04-23 19:45:06.555843 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2020-04-23T19:45:06.588867347Z 2020-04-23 19:45:06.588724 [info] Adding 1.1.1.1 to resolv.conf
2020-04-23T19:45:06.622103973Z 2020-04-23 19:45:06.621919 [info] Adding 1.0.0.1 to resolv.conf
2020-04-23T19:45:06.652088612Z 2020-04-23 19:45:06.651924 [info] Starting OpenVPN...
2020-04-23T19:45:06.658278851Z Thu Apr 23 19:45:06 2020 WARNING: file 'credentials.conf' is group or others accessible
2020-04-23T19:45:06.658301200Z Thu Apr 23 19:45:06 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
2020-04-23T19:45:06.658308860Z Thu Apr 23 19:45:06 2020 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
2020-04-23T19:45:06.697777343Z Thu Apr 23 19:45:06 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]45.79.221.197:443
2020-04-23T19:45:06.697809522Z Thu Apr 23 19:45:06 2020 UDP link local: (not bound)
2020-04-23T19:45:06.697820232Z Thu Apr 23 19:45:06 2020 UDP link remote: [AF_INET]45.79.221.197:443
2020-04-23T19:45:06.725962878Z Thu Apr 23 19:45:06 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2020-04-23T19:46:06.926533682Z Thu Apr 23 19:46:06 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2020-04-23T19:46:06.926581072Z Thu Apr 23 19:46:06 2020 TLS Error: TLS handshake failed
2020-04-23T19:46:06.926702262Z Thu Apr 23 19:46:06 2020 SIGUSR1[soft,tls-error] received, process restarting
2020-04-23T19:46:11.950206067Z Thu Apr 23 19:46:11 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]45.79.221.197:443
2020-04-23T19:46:11.950246707Z Thu Apr 23 19:46:11 2020 UDP link local: (not bound)
2020-04-23T19:46:11.950259947Z Thu Apr 23 19:46:11 2020 UDP link remote: [AF_INET]45.79.221.197:443
2020-04-23T19:47:12.022754477Z Thu Apr 23 19:47:12 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2020-04-23T19:47:12.022897867Z Thu Apr 23 19:47:12 2020 TLS Error: TLS handshake failed
2020-04-23T19:47:12.023041387Z Thu Apr 23 19:47:12 2020 SIGUSR1[soft,tls-error] received, process restarting
2020-04-23T19:47:17.049793600Z Thu Apr 23 19:47:17 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]45.79.221.197:443
2020-04-23T19:47:17.049870641Z Thu Apr 23 19:47:17 2020 UDP link local: (not bound)
2020-04-23T19:47:17.049886881Z Thu Apr 23 19:47:17 2020 UDP link remote: [AF_INET]45.79.221.197:443
any idea how to overcome the permission issues shown in the logs?
2020-04-25T15:40:49.783792205Z [INFO] nzbget 21.0 server-mode
2020-04-25T15:45:10.559214557Z /data/nzbget.log: Permission denied
2020-04-25T15:45:10.712879529Z [INFO] Reloading...
2020-04-25T15:45:11.162671467Z /data/nzbget.log: Permission denied
2020-04-25T15:45:11.162714087Z /data/nzbget.log: Permission denied
2020-04-25T15:45:11.162724046Z /data/nzbget.log: Permission denied
2020-04-25T15:45:11.162732536Z /data/nzbget.log: Permission denied
2020-04-25T15:45:11.162811475Z /data/nzbget.log: Permission denied
2020-04-25T15:45:11.163433597Z nzbget.conf(55): Invalid value for option "TempDir" (/data/tmp): could not create directory /data/tmp: Permission denied
2020-04-25T15:45:11.163462847Z nzbget.conf(52): Invalid value for option "QueueDir" (/data/queue): could not create directory /data/queue: Permission denied
2020-04-25T15:45:11.163472037Z nzbget.conf(46): Invalid value for option "NzbDir":
2020-04-25T15:45:11.163480076Z [ERROR] nzbget.conf(55): Invalid value for option "TempDir" (/data/tmp): could not create directory /data/tmp: Permission denied
2020-04-25T15:45:11.163487646Z [ERROR] nzbget.conf(52): Invalid value for option "QueueDir" (/data/queue): could not create directory /data/queue: Permission denied
2020-04-25T15:45:11.163495046Z [ERROR] nzbget.conf(46): Invalid value for option "NzbDir":
2020-04-25T15:45:11.163501556Z [INFO] Pausing all activities due to errors in configuration
I tried creating the directories shown in the logs and permissioned them as $USER:docker just like all of my other containers, but its still in the logs as an issue.
I have had no success running the command specified in the mariadb yml for database backups:
docker run --rm --entrypoint cat dsteinkopf script/backup-all-mysql /backup-all-mysql.sh > $USERDIR/docker/mariadb/backup-all-mysql.sh
Attempting to do so yields the following output:
Unable to find image 'dsteinkopf:latest' locally
docker: Error response from daemon: pull access denied for dsteinkopf, repository does not exist or may require 'docker login': denied: requested access to the resource is denied.
See 'docker run --help'.
Hello,
Thanks for the amazing help with your repo! I'm trying to migrate from Traefik 1.7 to 2.2 (fresh install server) and one of the migration steps is nextcloud. After using the YML from your repo for nextcloud I'm not able to get the container to use the SSL certificate from Traefik instead of the one from Linuxserver.io. Do you have any pointers? Thanks a lot!
Hey, thanks for all of these great containers. I am unable to reach this one via unifi.domainname.
The only I can reach the container is via https://10.0.0.216:8443, which isnt really making sense to me.
Would you be able to help?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.