Mailcow Reverse Proxy using Traefik not routing to the correct Nginx Service

Question

I am trying to follow the community documentation on mailcow dockerized and I am using Traefik as my load balancer.

I have successfully obtained a SSL certificate and the certdump is working as expected when I check the logs.

The issue I have having is that the nginx-mailcow container is not receiving the requests when I visit mail.example.com . My Traefik logs show this:

level=error msg="entryPoint \"secure\" doesn't exist" routerName=moo@docker entryPointName=secure level=error msg="no valid entryPoint for this router" routerName=moo@docker

My docker-compose.override.yml looks like this (not much different to the community documentation):

version: '2.1' 
  services:
    nginx-mailcow:
      networks:
        traefik:
        web:
      labels:
      - traefik.enable=true
      - traefik.http.routers.moo.rule=Host(`${MAILCOW_HOSTNAME}`)
      - traefik.http.routers.moo.tls=true
      - traefik.http.routers.moo.tls.certresolver=godaddy
      - traefik.http.routers.moo.middlewares=redirect@file
      - traefik.http.routers.moo.service=nginx-mailcow
      - traefik.http.services.moo.loadBalancer.passHostHeader=true
      - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
      - traefik.http.middlewares.https-redirect.headers.customrequestheaders.X-Forwarded-Proto=https
      - traefik.http.routers.moo.middlewares=https-redirect
      - traefik.http.services.moo.loadbalancer.server.port=80
      - traefik.http.routers.moo.entrypoints=secure
      - traefik.docker.network=web
  certdumper:
    image: humenius/traefik-certs-dumper
    container_name: traefik_certdumper
    network_mode: none
    volumes:
    - acme:/traefik:ro
    - ./data/assets/ssl/:/output:rw
    environment:
    - DOMAIN=${MAILCOW_HOSTNAME}    
networks:
  traefik:
    external: true
  web:
    external: true
volumes:
  acme:
    name: "traefik_acme"

Can anyone see what I am doing wrong?

I have also tried with only:

labels:
- traefik.enable=true
- traefik.http.routers.moo.rule=Host(`${MAILCOW_HOSTNAME}`)
- traefik.http.routers.moo.tls=true
- traefik.http.routers.moo.tls.certresolver=godaddy
- traefik.http.services.moo.loadbalancer.server.port=80
- traefik.http.routers.moo.entrypoints=secure
- traefik.docker.network=web

This still did not work.

Answer 1

When you define a name for a service, you must use the same name in your service configuration, like this:

• traefik.http.routers.moo.service= nginx-mailcow
• traefik.http.services. moonginx-mailcow .loadBalancer.passHostHeader=true

The loadBalancer.servers (notice the s in servers) doesn't have a port key, only url :

• traefik.http.services.moo.loadbalancer.server.port=80
• traefik.http.services. nginx-mailcow .loadbalancer.servers.url=['http://nginx-mailcow:80']

But as you are using defaults, you can omit all of the above =)

One more thing, I don't know how your Traefik container is configured but if your Traefik is running with a defined traefik network (internal) and a web network (public), you should use the traefik network in your Mailcow container as you want to route all external traffic through Traefik.

• traefik.docker.network=web

labels:
  - traefik.enable=true
  - traefik.http.routers.moo.rule=Host(`${MAILCOW_HOSTNAME}`)
  - traefik.http.routers.moo.tls=true
  - traefik.http.routers.moo.tls.certresolver=godaddy
  - traefik.http.routers.moo.middlewares=redirect@file
  - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
  - traefik.http.middlewares.https-redirect.headers.customrequestheaders.X-Forwarded-Proto=https
  - traefik.http.routers.moo.middlewares=https-redirect
  - traefik.http.routers.moo.entrypoints=secure
  - traefik.docker.network=traefik

#30daysofstackoverflow