Hi… It seems we have the same problem.
In my case I had to use the commit (file docker-compose-traefik-letsencrypt.yml) with web instead of api; I have no idea why it worked.
My url
https://openflow.codecenter.info/
Here’s my yml (with some changes made by me):
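# OpenFlow stack behind Traefik with Let's Encrypt certificates (TLS challenge).
#
# Review notes on this revision:
#   * Host-published admin/database ports (27017, 8080) are bound to 127.0.0.1.
#   * The HTTP->HTTPS redirect router/middleware entries were moved from the
#     Traefik `command:` list to `labels:`; they are label keys, not CLI flags.
#   * Every credential in this file (redis password, aes_secret, amqp guest
#     login) has been posted publicly. Rotate them and supply the new values
#     from an env file or secret store instead of committing them here.
#   * Most images are untagged and float with `latest`; pin versions you tested.
version: "3.3"
services:
  # mongodb:
  #   image: "mongo"
  #   # if you get "MongoDB 5.0+ requires a CPU with AVX support", try version 4 instead
  #
  #   # image: "mongo:4.4.8"
  #   restart: always
  #   volumes:
  #     - mongodb_data:/data/db
  mongodb:
    hostname: mongodb
    image: "mongo"
    restart: always
    volumes:
      - mongodb_data:/data/db
    environment:
      - MONGO_REPLICA_SET_NAME=rs0
    command: "--bind_ip_all --replSet rs0"
    ports:
      # No MongoDB authentication is configured anywhere in this file (the
      # mongodb_url used by `api` carries no credentials), so the port is
      # published on loopback only. Other services reach the database over the
      # compose network and do not need a host port at all.
      - "127.0.0.1:27017:27017"
  # One-shot helper that initiates the single-member replica set rs0.
  mongosetup:
    image: "mongo"
    depends_on:
      - mongodb
    restart: "no"
    command: >
      mongosh --host mongodb:27017 --eval
      '
      db = (new Mongo("mongodb:27017")).getDB("openrpa");
      config = {
      "_id" : "rs0",
      "members" : [
      {
      "_id" : 0,
      "host" : "mongodb:27017"
      }
      ]
      };
      rs.initiate(config);
      '
  mongoexpress:
    # NOTE(review): this router publishes a database admin UI on the internet
    # with no Traefik auth middleware attached. Put a basicauth/forward-auth
    # middleware on the router and set your own ME_CONFIG_BASICAUTH_USERNAME /
    # ME_CONFIG_BASICAUTH_PASSWORD, or drop the router and reach it via a tunnel.
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.mongoexpress.rule=Host(`express.openflow.codecenter.info`)"
      - "traefik.http.routers.mongoexpress.entrypoints=websecure"
      - "traefik.http.routers.mongoexpress.tls.certresolver=myresolver"
      - "traefik.http.services.mongoexpress.loadbalancer.server.port=8081"
    image: "mongo-express"
    restart: always
    environment:
      - ME_CONFIG_MONGODB_SERVER=mongodb
  traefik:
    image: "traefik"
    labels:
      - "traefik.enable=true"
      # NOTE(review): the `traefik` router forwards the dashboard host to the
      # insecure API port (8080) and the `api` router matches /api and
      # /dashboard on every host and entrypoint. Neither has an auth middleware
      # while the two `admin` lines below stay commented out. Before exposing
      # the dashboard, enable the middleware with a hash you generated yourself
      # (not the published example) and scope the `api` rule to the dashboard host.
      - "traefik.http.routers.traefik.rule=Host(`dashboard.openflow.codecenter.info`)"
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - "traefik.http.routers.traefik.tls.certresolver=myresolver"
      - "traefik.http.routers.api.service=api@internal"
      - "traefik.http.routers.api.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
      - "traefik.http.services.traefik.loadbalancer.server.port=8080"
      # - "traefik.http.routers.traefik.middlewares=admin"
      # - "traefik.http.middlewares.admin.basicauth.users=admin:$$apr1$$iB.BZjJJ$$FmaZuX35eFCMe5t3a.OqR."
      # middleware redirect
      # (moved here from `command:`; router and middleware definitions are
      # dynamic configuration that the Docker provider reads from labels)
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      # global redirect to https
      # NOTE(review): `{host:.+}` is Traefik v2 rule syntax; confirm it against
      # the Traefik major version the untagged image resolves to.
      - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.redirs.entrypoints=web"
      - "traefik.http.routers.redirs.middlewares=redirect-to-https"
    command:
      - "--api.insecure=true" # enable with port 8080 to access dashboard, NEVER enable this for the public
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.http.tls.certresolver=myresolver"
      # certificates
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.myresolver.acme.email=codecenter@codecenter.info"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
      # Loopback only: with api.insecure=true this port serves the dashboard
      # and API without authentication, so it must not listen on a public
      # interface. Use an SSH tunnel to reach it from elsewhere.
      - "127.0.0.1:8080:8080"
    restart: always
    volumes:
      - "./letsencrypt:/letsencrypt"
      # `:ro` only makes the socket file read-only on the mount; a process that
      # can connect to it can still issue any Docker API call. Consider a
      # filtering socket proxy in front of it.
      - "//var/run/docker.sock:/var/run/docker.sock:ro"
  rabbitmq:
    # NOTE(review): the management UI is routed publicly and `api` connects
    # with the stock guest:guest login (see amqp_url). Create a dedicated user
    # with RABBITMQ_DEFAULT_USER / RABBITMQ_DEFAULT_PASS and update amqp_url.
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.rabbitmq.rule=Host(`mq.openflow.codecenter.info`)"
      - "traefik.http.routers.rabbitmq.entrypoints=websecure"
      - "traefik.http.routers.rabbitmq.tls.certresolver=myresolver"
      - "traefik.http.services.rabbitmq.loadbalancer.server.port=15672"
    image: "rabbitmq:3-management"
    restart: always
  rediscommander:
    # NOTE(review): publicly routed with no Traefik auth middleware, while the
    # container already holds the Redis password. Add an auth middleware to
    # this router or remove the router.
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.rediscommander.rule=Host(`redis.openflow.codecenter.info`)"
      - "traefik.http.routers.rediscommander.entrypoints=websecure"
      - "traefik.http.routers.rediscommander.tls.certresolver=myresolver"
      - "traefik.http.services.rediscommander.loadbalancer.server.port=8081"
    image: rediscommander/redis-commander:latest
    restart: always
    depends_on:
      - redis
    environment:
      - REDIS_HOST=redis
      - REDIS_PORT=6379
      # Must match the --requirepass value of the `redis` service. Rotate it:
      # this value is public.
      - REDIS_PASSWORD=pass!word2
  redis:
    image: redis
    restart: always
    # Same password as REDIS_PASSWORD and cache_store_redis_password; change
    # all three together.
    command: >
      --requirepass pass!word2
  api:
    labels:
      - traefik.enable=true
      - traefik.frontend.passHostHeader=true
      - traefik.http.routers.http-router.entrypoints=websecure
      - traefik.http.routers.http-router.tls.certresolver=myresolver
      - traefik.http.routers.http-router.rule=Host(`openflow.codecenter.info`)
      - traefik.http.routers.http-router.service=http-service
      - traefik.http.services.http-service.loadbalancer.server.port=3000
      - traefik.http.routers.grpc-router.rule=Host(`grpc.openflow.codecenter.info`)
      - traefik.http.routers.grpc-router.service=grpc-service
      - traefik.http.routers.grpc-router.entrypoints=websecure
      - traefik.http.routers.grpc-router.tls.certresolver=myresolver
      - traefik.http.services.grpc-service.loadbalancer.server.port=50051
      - traefik.http.services.grpc-service.loadbalancer.server.scheme=h2c
    image: "openiap/openflow"
    deploy:
      replicas: 1
    pull_policy: always
    restart: always
    depends_on:
      - rabbitmq
      - mongodb
      - redis
    volumes:
      # Read-write Docker socket: whoever controls this internet-facing
      # container effectively controls the Docker host. Presumably needed for
      # the agent_docker_* features below; confirm, and drop it if unused.
      - "//var/run/docker.sock:/var/run/docker.sock"
    environment:
      - auto_create_users=false
      - auto_create_domains=
      - websocket_package_size=25000
      - websocket_max_package_count=1048576
      - protocol=https
      - port=3000
      - domain=openflow.codecenter.info
      - log_with_colors=false
      # enable this to use the openflow amqp, only useful when you have more than one replica
      - enable_openflow_amqp=true
      - amqp_prefetch=25
      # uncomment to add agents to the same docker compose project
      # (will break running `docker compose up -d` if any agents are running)
      # - agent_docker_use_project=true
      - agent_oidc_userinfo_endpoint=http://api:3000/oidc/me
      - agent_oidc_issuer=https://openflow.codecenter.info/oidc
      - agent_oidc_authorization_endpoint=https://openflow.codecenter.info/oidc/auth
      - agent_oidc_token_endpoint=http://api:3000/oidc/token
      - agent_docker_entrypoints=web,websecure
      - agent_docker_certresolver=myresolver
      # Stock RabbitMQ login; replace together with the rabbitmq service's user.
      - amqp_url=amqp://guest:guest@rabbitmq
      # No credentials in the URL: MongoDB runs without authentication here.
      - mongodb_url=mongodb://mongodb:27017
      - mongodb_db=openrpa
      # This secret is now public. Generate a new random value and keep it out
      # of the compose file. NOTE(review): check the OpenFlow documentation for
      # what changing it means for data already stored before rotating on a
      # live instance.
      - aes_secret=O1itlrmA47WzxPj95YHD2sZs7IchYaQI25mQ
      - cache_store_type=redis
      - cache_store_redis_host=redis
      - cache_store_redis_password=pass!word2
volumes:
  mongodb_data:
    driver: local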