CVJoint
Unable to reach via unifi.domain
Hey, thanks for all of these great containers. I am unable to reach this one via unifi.domainname.
The only I can reach the container is via https://10.0.0.216:8443, which isnt really making sense to me.
Would you be able to help?
I tried to use the alt method as well, but get a "unifi.domainname has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. "
[tcp.routers]
[tcp.routers.unifi-rtr]
entryPoints = ["https"]
rule = "HostSNI(`unifi.domainname`)"
service = "unifi-svc"
[tcp.routers.unifi-rtr.tls]
certresolver = "dns-cloudflare"
passthrough = true
[tcp.services]
[tcp.services.unifi-svc]
[tcp.services.unifi-svc.loadBalancer]
passHostHeader = true
[[tcp.services.unifi-svc.loadBalancer.servers]]
address = "10.0.0.216:8443"
`
My Unifi controller is running off of a raspberry pi (separate from my Traefik host), so I'm using the alt method you mention above. If they were on the same host I would try to use labels similar to how the Nextcloud container is set up.
I also have my internet traffic proxied through Cloudflare (orange cloud) and I know that when I've messed with the HSTS settings in Cloudflare I've seen those type of errors.
@bigverm23 The Unifi Controller creates it's own, self-signed certificate at installation time. Firefox does not accept that kind of certificates anymore. In my setup, I have created my own certificate authority using EasyRSA and then issued a certificate for the Unifi URL. My root certficate is imported into Firefox (Firefox uses it's own certficate store, not the operating systems certfificate store).
