issues running docker traefik v2.0 to use self signed certificate

Question

i am trying to run docker traefik v2.0 to use self signed certificates

here is my traefik.toml file

logLevel = "DEBUG"
defaultEntryPoints = ["http", "https"]
[entryPoints]
  [entryPoints.http]
  address = ":80"
  [entryPoints.https]
  address = ":443"
  [entryPoints.https.tls]
    [[entryPoints.https.tls.certificates]]
    certFile = "/certs/server.crt"
    keyFile = "/certs/server.key"

and here is my traefik.yaml docker-compose file version: '3.5'

services:
  traefik:
    image: traefik:v2.0
    container_name: traefik
    restart: always
    networks:
      - traefik_network
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./traefik.toml:/traefik.toml
      - ./certs:/certs/
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"

networks:
  traefik_network:
     name: traefik_network

the certificates are in the folder certs/server.crt and certs/server.key

but when i run the docker-compose for traefik i get the following error

Attaching to traefik
traefik    | 2019/10/20 21:08:11 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:14 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:17 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:19 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:22 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:24 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:29 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:36 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:08:50 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:09:16 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:10:08 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:11:09 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:11:14 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:11:17 command traefik error: field not found, node: tls
traefik    | 2019/10/20 21:11:19 command traefik error: field not found, node: tls

anyone know what the issue is? thanks

Answer 1

According to the migration documentation from Traefik v1 to v2, the configuration of TLS is not in the entrypoint anymore, but in a router's configuration instead :

You have to define a router (following the migration documentation if you still use v1's frontends / backends) that will look like

[http.routers]
  [http.routers.Router-1]
    rule = "Host(`bar.com`)"
    service = "service-id"
    [http.routers.Router-1.tls]
      options = "myTLSOptions"

    # will terminate the TLS request

in which you can use myTLSOptions as a reference to a TLS option section defined like so:

[tls.options]
  [tls.options.myTLSOptions]
    minVersion = "VersionTLS13"
    cipherSuites = [
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        ...
        ]
    ...

The certificates' location is in a separate config entry:

[[tls.certificates]]
    certFile = "/certs/server.crt"
    keyFile = "/certs/server.key"

Notice that you can also use a different format for your config in v2: you can do more than before with docker labels and if you prefer, you could instead also change from toml to yaml.