How to use Drone behind Traefik? Error: received bogus greeting from client

Question

I'm trying to setup an standalone docker installation with drone, traefik and other services, with the following configuration:

version: '2'
volumes:
  drone-data:
  gogs-db-data:
  gogs-data:
  gogs-conf:

services:
  #Database for Gogs - PostGres
  gogsdb:
    image: postgres:9.6
    restart: always
    labels:
      - com.ansible.role=postgres
    env_file:
     - .env/gogsdb.env
    volumes:
     - gogs-db-data:/var/lib/postgresql/data

  # Go Git Service. Version Control
  gogs:
    image: gcavalcante8808/docker-gogs
    restart: always
    labels:
      - com.ansible.role=drone-server
      - "traefik.frontend.rule=Host:gogs.cluster.local;PathPrefix:/"
      - "traefik.port=3000"
      - "traefik.docker.network=management-default"
      - "traefik.enabled=true"
    env_file:
     - .env/gogs.env
    volumes:
     - gogs-data:/home/git/gogs-repositories
     - gogs-conf:/home/git/gogs/custom
    ports:
     - "2222:2222"
    depends_on:
     - gogsdb

  # Drone Server - CI/CD Support.
  drone-server:
    image: drone/drone:latest
    ports:
     - 8000:8000
    env_file:
     - .env/drone-server.env
    volumes:
      - drone-data:/var/lib/drone/
    labels:
      - com.ansible.role=drone-server
      - "traefik.frontend.rule=Host:drone.cluster.local;PathPrefix:/"
      - "traefik.port=9000"
      - "traefik.docker.network=management-default"
      - "traefik.enabled=true"
    extra_hosts:
     - "drone.cluster.local:127.0.0.1"
    restart: always

  # Drone Agent - Latest
  drone-agent:
    image: drone/agent:latest
    command: agent
    restart: always
    env_file:
     - .env/drone-server.env
    depends_on:
      - drone-server
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

  # Traefik - Reverse Proxy
  traefik:
    image: traefik:1.5
    volumes:
     - /var/run/docker.sock:/var/run/docker.sock:ro
    ports:
    - 80:80
    - 443:443
    - 8080:8080
    command: --logLevel=DEBUG \
             --docker \
             --docker.domain=cluster.local
             --docker.watch
             --web

In my case, my drone-server is configured to use the address http://drone.cluster.local and I can access it through the port 8000 (http://drone.cluster.local:8080) which is mapped on docker-compose.yml file.

But if I Try to access the address http://drone.cluster.local (which passes through Traefik) I just receive an "Internal Server Error" and the drone show the following messages in its log:

INFO: 2018/01/09 02:58:31 transport: http2Server.HandleStreams received bogus greeting from client: "GET / HTTP/1.1\r\nHost: dr"

Some other info

The Drone ENV file have the following definitions:

DRONE_OPEN=true
DRONE_HOST=http://drone.cluster.local
DRONE_GOGS=true
DRONE_GOGS_URL=http://gogs:3000/  
DRONE_SECRET=test-secret
DRONE_SERVER=drone-server:9000
DRONE_ADMIN=gogs-admin

I can reach the "cluster.local" address using my hosts file as following:

127.0.0.1 semaphore.cluster.local drone.cluster.local gogs.cluster.local

For now, I don't have any TLS configurations.

Question

With all the information provided in mind, how can I solve this Traefik->Drone issue? Or at least, circunvect the "received bogus greeting from client" problem.

Thanks in advance.

Color · Accepted Answer · 2018-04-21T13:03:46.593

You have to enable https with traefik.

Basic traefik https config(be care of email):

logLevel = "INFO"

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

[acme]
email = "traefik@your.domain"
storage = "/etc/traefik/acme/acme.json"
onHostRule = true
entryPoint = "https"
  [acme.httpChallenge]
  entryPoint = "http"

Basic drone compose file(you should understand this config, don't copy them, they won't work):

version: '3.6'
services:
  traefik:
    image: traefik:v1.6-alpine
    command: --api --docker
    labels:
      - "traefik.backend=traefik"
      - "traefik.frontend.rule=Host:traefik.your.domain"
      - "traefik.frontend.auth.basic=admin:$$apr1$$Tqxx8LG$$0RS0xxxq7cEb0"
      - "traefik.enable=true"
      - "traefik.docker.network=gateway_traefik"
      - "traefik.port=8080"    
    ports:
      - "80:80"
      - "443:443"
    networks:
      - traefik
    volumes:
      - type: bind
        source: /var/run/docker.sock
        target: /var/run/docker.sock
        read_only: false
      - type: bind
        source: /mnt/data/traefik/traefik.toml
        target: /traefik.toml
        read_only: false  
      - type: bind
        source: /mnt/data/traefik/acme
        target: /etc/traefik/acme
        read_only: false
    deploy:
      replicas: 1
networks:
  traefik:
    name: gateway_traefik
    external: true

How to use Drone behind Traefik? Error: received bogus greeting from client

Some other info

Question

1 Answers1