I'm posting here, because I'm searching to self-host my personnal website (a wordpress) and sources codes of my others projects (a gitlab instance), with the help of Traefik reverse-proxy's.
Currently, when I try to visit the differents softwares as follow :
- (https://)traefik.mydomain.com : Dashboard of Traefik, it's OK
- (https://)www.mydomain.com : my wordpress website, it's OK.
But, when I try to visit :
- (https://)gitlab.mydomain.com : the webUI of Gitlab, I've got the error : 502 Bad Gateway.
But after manies attempts, if I visit again the gitlab webUI, after the end of the installation or after severals minutes (avg. 15 minutes), I've the same error : 502 Bad gateway.
If anybody have an idea , can you help me ?
This is my configuration file (docker-compose.yml) :
version: "3.7"
services:
traefik:
image: "traefik:latest"
container_name: "traefik"
hostname: traefik.mydomain.com
restart: always
networks:
- webgateway
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /srv/labs/traefik/traefik.toml:/etc/traefik/traefik.toml:ro
- /srv/labs/traefik/acme.json:/acme.json
- /srv/labs/traefik/traefik_dynamic.toml:/etc/traefik/traefik_dynamic.toml:ro
labels:
# http
traefik.enable: "true"
traefik.http.routers.traefik.rule: "Host(`traefik.mydomain.com`)"
traefik.http.routers.traefik.entrypoints: "web"
traefik.http.routers.traefik.service: "api@internal"
# https
traefik.http.middlewares.https-redirect.redirectscheme.scheme: "https"
traefik.http.middlewares.https-redirect.redirectscheme.permanent: "true"
traefik.http.routers.traefik.middlewares: "https-redirect@docker"
traefik.http.routers.traefik-https.entrypoints: "websecure"
traefik.http.routers.traefik-https.rule: "Host(`traefik.mydomain.com`)"
traefik.http.routers.traefik-https.tls: "true"
traefik.http.routers.traefik-https.tls.certresolver: "letsencrypt"
traefik.http.routers.traefik-https.middlewares: "dashboard-auth,security@file, compression@file"
# traefik dashboard auth
traefik.http.routers.traefik.middlewares: "dashboard-auth"
# traefik dashboard credentials
traefik.http.middlewares.dashboard-auth.basicauth.users: "login:$$apr1$$XFLC8oLD$$tufQCjkmmNkXfL.cm96E90"
db:
container_name: mariadb
hostname: bdd.mydomain.com
image: mariadb:latest
networks:
- wp
volumes:
- wp_db/:/var/lib/mysql/
restart: always
environment:
MYSQL_ROOT_PASSWORD: oC1rieph
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: oC1rieph
website:
depends_on:
- db
container_name: "wordpress"
hostname: www.mydomain.com
image: wordpress:latest
networks:
- wp
- webgateway
ports:
- 8000:80
volumes:
- wp_statics:/var/www/html/
restart: always
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: oC1rieph
labels:
traefik.enable: "true"
traefik.http.routers.website.rule: "Host(`www.mydomain.com`)"
traefik.http.routers.website.entrypoints: "web"
traefik.http.middlewares.https-redirect.redirectscheme.scheme: "https"
traefik.http.middlewares.https-redirect.redirectscheme.permanent: "true"
traefik.http.routers.website.middlewares: "https-redirect@docker"
traefik.http.routers.website-https.entrypoints: "websecure"
traefik.http.routers.website-https.rule: "Host(`www.mydomain.com`)"
traefik.http.routers.website-https.tls: "true"
traefik.http.routers.website-https.tls.certresolver: "letsencrypt"
traefik.http.routers.website-https.middlewares: "security@file, compression@file"
gitlab:
container_name: "gitlab"
hostname: 'gitlab.mydomain.com'
image: 'gitlab/gitlab-ce:latest'
restart: always
networks:
- webgateway
ports:
- '2200:22'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.mydomain.com'
gitlab_rails['gitlab_shell_ssh_port'] = 2200
volumes:
- '/srv/gitlab/config:/etc/gitlab:Z'
- '/srv/gitlab/logs:/var/log/gitlab:Z'
- '/srv/gitlab/data:/var/opt/gitlab:Z'
- '/etc/localtime:/etc/localtime:ro'
labels:
traefik.enable: "true"
traefik.http.routers.gitlab-https.entrypoints: "websecure"
traefik.http.routers.gitlab-https.rule: "Host(`gitlab.mydomain.com`)"
traefik.http.routers.gitlab-https.tls: "true"
traefik.http.routers.gitlab-https.tls.certresolver: "letsencrypt"
traefik.http.routers.gitlab-https.middlewares: "security@file, compression@file"
traefik.http.routers.gitlab.rule: "Host(`gitlab.mydomain.com`)"
traefik.http.routers.gitlab.entrypoints: "websecure"
traefik.http.routers.gitlab.tls.certresolver: "letsencrypt"
traefik.http.routers.gitlab.middlewares: "gitlab-headers"
traefik.http.routers.gitlab.service: "gitlab"
traefik.http.middlewares.gitlab-headers.headers.customrequestheaders.X_FORWARDED_PROTO: "https"
traefik.http.middlewares.gitlab-headers.headers.customrequestheaders.X_Forwarded-Ssl=: "on"
traefik.http.middlewares.gitlab-headers.headers.customresponseheaders.X_FORWARDED_PROTO: "https"
traefik.http.middlewares.gitlab-headers.headers.customresponseheaders.X_Forwarded-Ssl: "on"
traefik.http.services.gitlab.loadbalancer.server.port: "80"
traefik.http.routers.gitlab-registry.rule: "Host(`gitlab-registry.mydomain.com`)"
traefik.http.routers.gitlab-registry.entrypoints: "websecure"
traefik.http.routers.gitlab-registry.tls.certresolver: "letsencrypt"
traefik.http.routers.gitlab-registry.service: "gitlab-registry"
traefik.http.services.gitlab-registry.loadbalancer.server.port: "5000"
cap_add:
- SYS_ADMIN
networks:
wp:
webgateway:
#webmail:
driver: bridge
volumes:
wp_db:
driver: local
driver_opts:
o: bind
type: none
device: /srv/mysql
wp_statics:
driver: local
driver_opts:
o: bind
type: none
device: /srv/wordpress/www
This is my hardware configuration :
- OS : Debian 10 x64
- CPU : Intel Celeron N3450
- Memory : 4Go DDR3
- Storage : SDD 128Go
- Network : avg. 300Mbps
