404 when trying to access traefik dashboard

Question

I try in a simple way to access traefik via the sub-domain traefik (traefik.DOMAIN.com). As soon as I gain access to it, the SSL Certificate is well functional but impossible to access the dashboard (404 error)

docker-compose.yml

version: '3'

services:
  reverse-proxy:
    image: traefik:v2.2
    container_name: traefik
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - $PWD/traefik.toml:/etc/traefik/traefik.toml
      - $PWD/acme.json:/acme.json
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.api.rule=Host(`traefik.DOMAIN.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      - "traefik.http.routers.api.service=api@internal"
      - "traefik.http.routers.api.entrypoints=websecure"
    networks:
      - web
networks:
  web:
    external: true

traefik.toml

[api]
  dashboard = true

[entryPoints]
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http]
      [entryPoints.web.http.redirections]
        [entryPoints.web.http.redirections.entryPoint]
          to = "websecure"
          scheme = "https"

  [entryPoints.websecure]
    address = ":443"
      [entryPoints.websecure.http.tls]
        certResolver = "default"

[providers]
  [providers.docker]
    watch = true
    exposedByDefault = false
    network = "web"

[certificatesResolvers]
  [certificatesResolvers.default]
    [certificatesResolvers.default.acme]
      email = "EMAIL@gmail.com"
      storage = "acme.json"
      caServer = "https://acme-v01.api.letsencrypt.org/directory"
    [certificatesResolvers.default.acme.tlsChallenge]

Any ideas on how to make this work? I would like to eventually be able to install owncloud on a sub-domain

Answer 1

After reading the documentation and checking the logs in DEBUG mode I was able to make it work. The key here is the trailing / which is mandatory.

traefik.toml

[entryPoints]
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http]
      [entryPoints.web.http.redirections]
        [entryPoints.web.http.redirections.entryPoint]
          to = "websecure"
          scheme = "https"

  [entryPoints.websecure]
    address = ":443"
      [entryPoints.websecure.http.tls]
        certResolver = "default"


[providers]
  [providers.docker]
    watch = true
    exposedByDefault = false
    network = "web"


[log]
  level = "DEBUG"

[api]
  dashboard = true
  insecure = false

[accessLog]


[certificatesResolvers]
  [certificatesResolvers.default]
    [certificatesResolvers.default.acme]
      email = "EMAIL@gmail.com"
      storage = "acme.json"
      caServer = "https://acme-v01.api.letsencrypt.org/directory"
    [certificatesResolvers.default.acme.tlsChallenge]

docker-compose.yaml

version: '3'

services:
  reverse-proxy:
    image: traefik:v2.2
    container_name: traefik
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - $PWD/traefik.toml:/etc/traefik/traefik.toml
      - $PWD/acme.json:/acme.json
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.api.rule=Host(`traefik.mydomain.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      - "traefik.http.routers.api.service=api@internal"
      - "traefik.http.routers.api.entrypoints=websecure"
    networks:
      - web
networks:
  web:
    external: true

Files

ls
acme.json  docker-compose.yaml  traefik.toml

• Now consider the following from the official documentation

curl -s -o /dev/null -w "%{http_code}" https://traefik.mydomain.com/dashboard/
200

curl -s -o /dev/null -w "%{http_code}" https://traefik.mydomain.com/dashboard
404

Here is the screenshot