Traefik error 504

kanbananas · 4 January 2024 13:07

I followed the Full docker example with Traefik 2 and I’m getting a 504 timeout.

The Traefik status looks good for HTTP Routers and Services, certs assigned, no errors in the log (except the 504). The Vikunja logs look good for api-1, db-1, and frontend-1 (although there are no further log entries after the initial up). In the Vikunja docker-compose.yml, I’m using endpoints “websecure” and certResolver “letsencrypt”.

Using Traefik 2.10.7, docker compose 2.23.3. Traefik docker-compose.yml:

services:
traefik:
image: traefik:latest
command:
- “–log.level=WARN”
- “–accesslog=true”
- “–api.dashboard=true”
- “–api.insecure=true”
- “–ping=true”
- “–ping.entrypoint=ping”
- “–entryPoints.ping.address=:8082”
- “–entryPoints.web.address=:80”
- “–entryPoints.websecure.address=:443”
- “–providers.docker=true”
- “–providers.docker.endpoint=unix:///var/run/docker.sock”
- “–providers.docker.exposedByDefault=false”
- “–certificatesresolvers.letsencrypt.acme.tlschallenge=true”
- “--certificatesresolvers.letsencrypt.acme.email=my@email.com”
- “–certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme/acme.json”
- “–global.checkNewVersion=true”
- “–global.sendAnonymousUsage=false”
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /data/traefik/ssl:/etc/traefik/acme
env_file:
- ./.env
ports:
- “80:80”
- “443:443”
healthcheck:
test: [“CMD”, “wget”, “http://localhost:8082/ping","--spider”]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
labels:
- “traefik.enable=true”
- “traefik.http.routers.dashboard.rule=Host(traefik.mydomain.com)”
- “traefik.http.routers.dashboard.service=api@internal”
- “traefik.http.routers.dashboard.entrypoints=websecure”
- “traefik.http.services.dashboard.loadbalancer.server.port=8080”
- “traefik.http.routers.dashboard.tls=true”
- “traefik.http.routers.dashboard.tls.certresolver=letsencrypt”
- “traefik.http.services.dashboard.loadbalancer.passhostheader=true”
- “traefik.http.routers.dashboard.middlewares=authtraefik”
- “traefik.http.middlewares.authtraefik.basicauth.users=${BASICAUTH_USER}:${BASICAUTH_PASSWORD}”
- “traefik.http.routers.http-catchall.rule=HostRegexp({host:.+})”
- “traefik.http.routers.http-catchall.entrypoints=web”
- “traefik.http.routers.http-catchall.middlewares=redirect-to-https”
- “traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https”
restart: unless-stopped

kanbananas · 4 January 2024 13:20

Just to add: going to the site gives a 504 for vikunja-frontend@docker and going to /api/v1/info gives a 504 for vikunja-api@docker.

kolaente · 4 January 2024 15:29

Are you able to use other services with a similar traefik config successfully?

kanbananas · 4 January 2024 15:52

I have BookStack up and running with that config.

kolaente · 4 January 2024 18:35

Are the api and frontend in the same docker network as traefik?

kanbananas · 4 January 2024 19:26

Yes, they’re both in the web and default networks, as specified in the yml example. I created the web network manually in docker (‘docker network create web’), otherwise I get an error that it’s not found.

kolaente · 4 January 2024 19:44

It looks like your traefik is not in the web network though?

kanbananas · 4 January 2024 19:57

You’re right:

I see vikunja-frontend-1 and vikunja-api-1 in the web network.
And vikunja-frontend-1, vikunja-api-1, and vikunja-db-1 in the vikunja_default network.
Traefik and BookStack are sharing their own network…

Hmm… Do you know off-hand how to get them on the same network? If not, I’ll do my homework and share the results here.

kolaente · 4 January 2024 20:24

In the docker compose example you linked:

    networks:
      - web
      - default

Add the network key to the docker compose file and it should work.

kanbananas · 4 January 2024 20:31

The network details above are from using those docker compose networks values. And they’re getting used, but traefik isn’t including itself in those networks for some reason.

kolaente · 5 January 2024 09:28

Well it doesn’t do that because you didn’t specify it. Add the networks section from Vikunja’s docker compose to the traefik configuration and it should work.

kanbananas · 5 January 2024 13:52

Sorry, I must not be explaining myself well. This:

networks:
      - web
      - default

was already included in the docker-compose.yml file I used. I copied the Full Docker example with Traefik 2 verbatim (except, of course, the updated domain, entrypoint, and tls cert resolver).

As a result, Vikunja is in the web and default networks. But Traefik is not in those networks.

kolaente · 5 January 2024 14:11

But the traefik docker-compose.yml you shared earlier does not contain that section. It won’t auto-join docker networks only because you specified them in the traefik config.

kanbananas · 5 January 2024 14:16

Ah, gotcha, I see what you mean now. Yeah, makes sense, let me try that.