Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Selfthosted - Docker + Traefik + HTTPS + Single User+Port #13367

Closed
gdomod opened this issue May 20, 2019 · 5 comments
Closed

Selfthosted - Docker + Traefik + HTTPS + Single User+Port #13367

gdomod opened this issue May 20, 2019 · 5 comments
Labels
lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.

Comments

@gdomod
Copy link

gdomod commented May 20, 2019
edited
Loading

Description

i want to start my own IDE behind traefik reverse proxy.
Dashboard ist load, workspace is creating but no access

Request URL: https://EXAMPLE.com14355/api/keycloak/settings Request Method: GET Status Code: 404 Referrer Policy: no-referrer-when-downgrade

2nd Optional: at this time i have no luck to change the path of /dashboard url
"traefik.frontend.rule=Host:EXAMPLE.COM; PathPrefix: /che"
proxyed to EXAMPLE.COM/che/dashboard
but che is always to rewrite to EXAMPLE.COM/dashboard

MyConfig

`version: "3.6"
networks:
internal:
internal: true
external:
name: internal

services:
che:
image: "eclipse/che-server:6.19.0"
container_name: "che"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /root/config/che:/data
restart: always
environment:
- CHE_HOST=che.EXAMPLE.COM
- CHE_HOST_PROTOCOL=https
- CHE_SINGLE_PORT=true
- CHE_DOCKER_IP_EXTERNAL=che.EXAMPLE.COM
- CHE_PORT=9000
- CHE_API=http://che.EXAMPLE.COM:14355/api
networks:
- internal
labels:
- "traefik.enable=true"
- "traefik.backend=che"
- "traefik.frontend.rule=Host:che.EXAMPLE.COM"
- "traefik.port=9000"
- "traefik.docker.network=internal"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=EXAMPLE.COM"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=false`

Has anybody got traefik + che to work and can share with me the conf ?
@Mbd06b
Copy link

Mbd06b commented May 22, 2019
edited
Loading

I've been attempting to get a self-hosted setup using a FQDN(w/o a static IP), on and off since summer 2018.
I've tried establishing https connections with Apache2 and Nginx with SSL terminating proxies in front of the following che installations:

Docker single user
Docker multi-user
Kubernetes(minikube) single-user
Kubernetes(minikube) multi-user

I've probably fought with each of these configs for at least a couple of days each without ultimate success. There are difficulties everywhere. Little to no dynamic IP support in Kubernetes. Multiple ports for multi-user installs. Keycloak doesn't support https. No user authentication mechanism whatsoever for single-user installs. private-ip mappings try to launch ignoring host settings serving up behind a proxy on single installs. XmlHttpRequest requesting icon images over http (mixed content), broad docker port-ranges. Total mess. I'm learning tons about containers and cloud deployments, but I'm not sure what to try next, or what the best approach to take.

Closest I've ever gotten to a working environment is running Che(multi-user) in default_host mode totally unsecured over http, which is no good.

One day I'm going to get this thing working properly on my little cloud lab. I'll be checking back periodically until someone finally has a breakthrough getting Che to work properly with the internet. fire-server

@che-bot
Copy link
Contributor

che-bot commented Nov 20, 2019

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.

@che-bot che-bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 20, 2019
@che-bot che-bot closed this as completed Nov 27, 2019
@mstavares
Copy link

Hi,
I'm interested on this too. I have the same issue about traefik.

@mstavares mstavares mentioned this issue Feb 24, 2020
Closed
@Mbd06b
Copy link

Mbd06b commented Feb 24, 2020
edited
Loading

Hi,
I'm interested on this too. I have the same issue about traefik.

@mstavares
I was able to get eclipse che 7.4.0 multiuser to work with an nginx reverse proxy (with wildcard domain configuration) to a kubernetes(microk8s) install (note: docker install support is being deprecated),
I abandoned single-port install and allowed kubernetes to handle the subdomain vhost-routing within the cluster, you might find something that helps you with this traefik case. I put all my notes on this issue. #14788

@mstavares
Copy link

Hi @Mbd06b

I'm using eclipse che version 6.14 with docker :(
Seems that I'm no way out of this. Right now I'm able to access to the dashboard, I'm able to create a workspace but I get stuck on starting it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@gdomod @mstavares @Mbd06b @che-bot