I've been trying to set up ACME and a new website; however, I'm having a few issues. I can't connect to the website over HTTP or HTTPS (I just get a 404) and ACME fails with Unauthorized due to 404. This goes for every website I have set up.
Compose files:
```yaml
version: "3.4"
services:
  giveip:
    image: ghcr.io/randomairborne/giveip
    restart: always
    networks:
      - proxy
    ports:
      - "8080:8080"
    deploy:
      labels:
        traefik.enable: "true"
        traefik.http.routers.giveip.rule: Host(`giveip.io`) || Host(`www.giveip.io`) || Host(`v4.giveip.io`) || Host(`v6.giveip.io`)
        traefik.http.routers.giveip.entrypoints: https
        traefik.http.routers.giveip.tls.certresolver: letsencrypt
        traefik.http.services.giveip.loadbalancer.server.port: 8080
        traefik.http.middlewares.giveip-mw.headers.accesscontrolalloworiginlist: https://giveip.io,https://www.giveip.io
        traefik.http.routers.giveip.middlewares: giveip-mw
        traefik.http.routers.giveip-plaintext.rule: Host(`giveip.io`) || Host(`www.giveip.io`) || Host(`v4.giveip.io`) || Host(`v6.giveip.io`)
        traefik.http.routers.giveip-plaintext.entrypoints: http
```
This file has been truncated.
Compose for Traefik:
```yaml
version: '3.7'
services:
  traefik:
    image: traefik:v2.7
    ports:
      - target: 80
        published: 80
        mode: host
      - target: 443
        published: 443
        mode: host
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/traefik/acme/acme.json:/acme.json
    networks:
      - proxy
    deploy:
      labels:
        - traefik.enable=false
    command:
      - --log.level=DEBUG
      - --providers.docker
      - --providers.docker.swarmmode=true
      - --providers.docker.network=proxy
      - --entrypoints.http=true
      - --entrypoints.http.address=:80
      - --entrypoints.http.http.tls.options
      - --entrypoints.https=true
      - --entrypoints.https.address=:443
      - --entrypoints.https.http.tls.options
      - --certificatesresolvers.letsencrypt=true
      - --certificatesresolvers.letsencrypt.storage
      - --certificatesresolvers.letsencrypt.acme.httpchallenge=true
      - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http
      - --certificatesresolvers.letsencrypt.acme.email=me@mywebsite.com
networks:
  proxy:
    external: true
```
This is running on a Docker Swarm controlled by Portainer.
I don’t have the dashboard enabled, because apparently having that in production is not good.
Technically speaking, having a dashboard running on production does not have any side effects for your environment concerning all aspects, e.g. performance, security, etc. Once you have the dashboard protected, there is no risk with having that deployed in any environment.
Please let me know your thoughts.
Oh. I was just providing more information; someone elsewhere suggested I check that, so I’m working on it just in case. My original problem is above.
Looking at the acme-http router in the dashboard, it’s getting an error: “unknown TLS options: true@internal”
I fixed this by explicitly disabling TLS on the HTTP router, but I don’t quite understand why I had to.
system closed this topic on June 13, 2022, 5:14pm: This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.
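The check below is an added example, not code from the thread or from Traefik. It lints the static flags posted above for the two things the thread turns on: string options passed with no value, and TLS settings on the entry point that the ACME HTTP challenge (which is served over plain HTTP) is bound to. The `STRING_LEAVES` set and the finding labels are assumptions of this example.

```python
import re

# Flags copied from the Traefik service's `command:` list in the thread.
PAGE_FLAGS = """
--log.level=DEBUG
--providers.docker
--providers.docker.swarmmode=true
--providers.docker.network=proxy
--entrypoints.http=true
--entrypoints.http.address=:80
--entrypoints.http.http.tls.options
--entrypoints.https=true
--entrypoints.https.address=:443
--entrypoints.https.http.tls.options
--certificatesresolvers.letsencrypt=true
--certificatesresolvers.letsencrypt.storage
--certificatesresolvers.letsencrypt.acme.httpchallenge=true
--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http
--certificatesresolvers.letsencrypt.acme.email=me@mywebsite.com
""".split()

# Assumption of this example: option leaves that take a string, so a bare
# flag carries no usable setting (the quoted error shows options named "true").
STRING_LEAVES = {"options", "storage", "address", "email", "entrypoint"}
TLS_EP = re.compile(r"entrypoints\.([^.]+)\.http\.tls(\..+)?")
CHALLENGE = re.compile(
    r"certificatesresolvers\.[^.]+\.acme\.httpchallenge\.entrypoint")

def parse_flags(flags):
    """Return (key, value) pairs; value is None when the flag has no '='."""
    split = (f.lstrip("-").partition("=") for f in flags)
    return [(k.lower(), v if sep else None) for k, sep, v in split]

def lint(flags):
    """Return sorted findings for the two problems discussed in the thread."""
    pairs = parse_flags(flags)
    # Entry points a certificate resolver uses for the HTTP challenge.
    eps = {v.lower() for k, v in pairs if v and CHALLENGE.fullmatch(k)}
    findings = []
    for key, value in pairs:
        if value is None and key.rsplit(".", 1)[-1] in STRING_LEAVES:
            findings.append(f"no-value: --{key}")
        m = TLS_EP.fullmatch(key)
        if m and m.group(1) in eps:
            findings.append(f"tls-on-challenge-entrypoint: --{key}")
    return sorted(findings)
```

Calling `lint(PAGE_FLAGS)` reports the three bare string flags and the TLS setting on the `http` entry point that the challenge uses.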