Document the insecure headers in traefik proxy configuration #4607
unsync
started this conversation in
Improvement Requests
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi !
I've lost a ridiculous amount of time configuring some services because of a simple configuration trick.
I'm using domains managed by cloudflare (proxied to benefit from CF features), as a result the ssl certificates are provided by cloudflare.
I went through hoops and loops for some services with redirection loops and things like that.
My recent solution was to setup the FQDNs of services with the
httpprotocol, which worked but then my services were (for some) using this FQDN in their config, responding with the http protocol when it should have been https for the service to work properly.Long story short, the default traefik configuration do not pass the forwarded headers by default :
https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers
That is opinionated, but that's not the question here ^^
So, in my case i just had to set this in my server proxy configuration:
And now i can setup
httpsFQDNs on my services without redirection loops, all my apps are aware of their https urls, everything works fine 🚀The request
Could you, in the place you deem fit in the documentation, add information about this setting ?
Even with a warning about it being insecure, but to at least save the hassle of finding this out by ourselves ?
I think the cloudflare domains + coolify setup might be a pretty common one :)
Beta Was this translation helpful? Give feedback.
All reactions