使用 traefik 将 www 重定向到非 www

Question

我正在使用 docker-compose 来启动一些服务并将 traefik 作为反向代理。我已正确配置 http 到 https 重定向，但是 www 到非 www 的重定向不起作用，我不确定我是否做错了什么。这里下来一个sn-p的配置：

version: "3.3"

services:

  traefik:
    image: "traefik:v2.1"
    container_name: "traefik"
    restart: always
    logging:
      driver: "json-file"
      options:
        max-size: "50m"
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
      - "--certificatesresolvers.letsencrypt.acme.email=myemail@gmail.com"
      - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./data/letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.rule=Host(`traefik_dashboard.mydomain.com`)"
      - "traefik.http.routers.traefik.tls=true"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
      - "traefik.http.routers.traefik.middlewares=traefik-auth"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=admin:somepass"
      # middleware redirect
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"

  myservice:
    image: prestashop/prestashop:1.7
    restart: always
    container_name: "myservice"
    logging:
      driver: "json-file"
      options:
        max-size: "50m"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.myservice.rule=Host(`myservice.com`)"
      - "traefik.http.routers.myservice.entrypoints=websecure"
      - "traefik.http.routers.myservice.tls.certresolver=letsencrypt"
      - "traefik.http.routers.myservice.middlewares=redirect-to-https"

      - "traefik.http.routers.cdn_myservice.rule=Host(`cdn.myservice.com`)"
      - "traefik.http.routers.cdn_myservice.entrypoints=websecure"
      - "traefik.http.routers.cdn_myservice.tls.certresolver=letsencrypt"
      - "traefik.http.routers.cdn_myservice.middlewares=redirect-to-https"
      
      - "traefik.http.routers.www_myservice.rule=Host(`www.myservice.com`)"
      - "traefik.http.routers.www_myservice.entrypoints=web"
      - "traefik.http.middlewares.www_myservice-redirect.redirectregex.regex=^https?://www\\.myservice\\.com(.*)"
      - "traefik.http.middlewares.www_myservice-redirect.redirectregex.replacement=http://myservice.com$${1}"
      - "traefik.http.middlewares.www_myservice-redirect.redirectregex.permanent=true"
      - "traefik.http.routers.www_myservice.middlewares=www_myservice-redirect"

Answer 1

我想知道正则表达式是否有些古怪，或者它是如何从 Docker 传递到 Traefik 的——我尝试并放弃了使用 redirectregex，但我能够使用 use SSLForceHost fine：

- "traefik.http.routers.myservice.rule=Host(`myservice.com`, `www.myservice.com`)"
- "traefik.http.routers.myservice.middlewares=${STACK_NAME}-redirect"
- "traefik.http.middlewares.myservice-redirect.headers.SSLForceHost=true"
- "traefik.http.middlewares.myservice-redirect.headers.SSLHost=myservice.com"

这会将重定向组合到主服务上（即，而不是将其添加到www_myservice）；我个人在traefik.yml 中设置了一个全局 HTTP → HTTPS 重定向，但我想它应该可以像你一样为每个服务设置它——只要确保SSLForceHost 位于启用 SSL 的那个！