Hi! I am new here and doing some experiments with traefik and whoami. I try to set and get the Letsencrypt cert but I still obtain following error:
traefik | time="2021-03-07T22:16:22Z" level=error msg="Unable to obtain ACME certificate for domains \"onbartikt.tplinkdns.com\": unable to generate a certificate for the domains [onbartikt.tplinkdns.com]: error: one or more domains had a problem:\n[onbartikt.tplinkdns.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: query timed out looking up A for onbartikt.tplinkdns.com\n" rule="Host(`onbartikt.tplinkdns.com`)" providerName=myresolver.acme routerName=whoami-secured@docker
Here is my docker-compose.yml:
version: "3.3"
services:
traefik:
image: "traefik:v2.4"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.secureweb.address=:443"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
#- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=mail@mail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
whoami:
image: "traefik/whoami"
container_name: "simple-service"
labels:
- "traefik.enable=true"
# Get routes from http
- "traefik.http.routers.whoami.rule=Host(`doamin.tplinkdns.com`)"
- "traefik.http.routers.whoami.entrypoints=web"
# Redirect these routes to https
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.whoami.middlewares=redirect-to-https@docker"
# Get the routes from https
- "traefik.http.routers.whoami-secured.rule=Host(`domain.tplinkdns.com`)"
- "traefik.http.routers.whoami-secured.entrypoints=secureweb"
# Apply autentificiation with http challenge
- "traefik.http.routers.whoami-secured.tls=true"
- "traefik.http.routers.whoami-secured.tls.certresolver=myresolver"
I was inspired by this thread
True is, that domain is given by tplink DDNSservice and it is just for experiments. But I am planning to get regular domain. Could this be the problem? All my ports are forwarded throught the router, so there shouldn not be any problems.
I have one extra question. Is there any other way how to connect more middleware stuff to some route, than use the chain mechanism?
Thanks a milion for any answers.
onbartik