CODEWITHSUNDEEP
traefiktraefik-ingress
Deano
Deano

Reputation: 12190

Traefik 2.2 http to https redirect

I'm following the guide and I'm able to access my website via HTTP and HTTPs however redirect is not working for me, any ideas on what might be wrong?

# IngresRoute
---
kind: IngressRoute
apiVersion: traefik.containo.us/v1alpha1
metadata:
  name: whoami
  namespace: default

spec:
  entryPoints:
  web:
    address: :80
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
          permanent: true

  websecure:
    address: :443

  routes:
  - match: Host(`hello.mydomain.io`)
    kind: Rule
    services:
    - name: whoami
      port: 80
  tls: {}

Upvotes: 2

Views: 3852

Answers (2)

Orabîg
Orabîg

Reputation: 11992

I have a working configuration which uses Ingress objects instead of IngressRoute , but I hope this will help some people :

Thus, here is a working configuration :

apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: redirect
  namespace: some_namespace
spec:
  redirectScheme:
    scheme: https
    permanent: true

and

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: wordpress
  namespace: your_app_namespace
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.middlewares: some_namespace-redirect@kubernetescrd
spec:
  tls:
    - secretName: your_certificate
      hosts:
        - www.your_website.com
  rules:
    - host: www.your_website.com
      http:
        paths:
          - path: /
            backend:
              service:
                name: your_service
                port:
                  number: 80
            pathType: ImplementationSpecific

So the trick is to :

  • define a Middleware object (in any namespace you want, but that may be in the same one as your app)
  • reference it in traefik.ingress.kubernetes.io/router.middlewares with the syntax <NAMESPACE>-<NAME>@kubernetescrd (where NAMESPACE and NAME are those of the Middleware object)

Upvotes: 1

Pseudos
Pseudos

Reputation: 111

I use Docker compose, so might not be spot on for you. But suggestion is to add a scheme redirect middleware to your dynamic config file.

http:
  middlewares:
    https_redirect:
      redirectScheme:
        scheme: https
        permanent: true

Or just add the middleware to your service if you don't have access to the Traefik configs.

I prefer the dynamic config, because then you can register it on any service as required using https_redirect@file.

You do need a router per entrypoint though, using this method. And register the middleware on only the http router.

I'm sure there are other, better ways. But if you need some apps automatically redirecting and some not this is the best solution I've found thusfar.

Upvotes: 1

Related Questions