Good evening to all,
I come to see you because it's been 3 days that I try desperately to deploy a self-signed certificate for a wordpress site.
If I trust the logs I've seen in the last few hours I'm almost there! But for the moment I can't get the desired result! The code looks good, but something escapes me and by dint of being on it I end up not seeing it very clearly!
The last logs I had access to said this:
"\x16\x03\x01\x02" 400 484 "-" "-"
After checking it would be the first handshake for a connection attempt via TLS.
At the moment, I could not access anything, the problem should not be very serious, but as said earlier by dint of being too much on it we end up not seeing clearly, so before breaking all my Config I prefer to ask for help.
Here are my different configuration files:
docker.yml
version: "3.3" #Version de docker utiliséservices: #Listes des servces
traefik:
image: "traefik:latest"
container_name: "traefik"
restart: unless-stopped
#command:
#- "--log.level=DEBUG"
# - "--api.insecure=true"
# - "--providers.docker=true"
# - "--providers.docker.exposedbydefault=false"
# - "--entrypoints.web.address=:80"
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik/traefik.yml:/Users/arawaks/Documents/Programmation/docker and traefik/Trainings/traefik.yml:ro
- ./traefik/config.yml:/Users/arawaks/Documents/Programmation/docker and traefik/Trainings/config.yml:ro
- ./certs:/Users/arawaks/Documents/Programmation/docker and traefik/Trainings/certs:ro
networks:
- proxy
labels:
# Permettre à ce conteneur d'être accessible par traefik
# Pour plus d'information, voir : Traefik Docker Documentation - Traefik
- "traefik.enable=true"
# Utilise la configuration du routeur "traefik" définie dans le fichier de configuration dynamique : ./traefik/config.yml
- "traefik.http.routers.traefik=true"wordpress:
image: "wordpress:latest"
container_name: "service-wordpress"
labels:- "traefik.enable=true" - "traefik.http.routers.wordpress.rule=Host(`test.fr`)" - "traefik.http.routers.wordpress.entrypoints=proxy" - "traefik.http.routers.wordpress.tls=true" - "traefik.http.services.wordpress.loadbalancer.server.port=4400" networks: - proxy ports: - "4400:443"
mysql:
image: mysql:latest
container_name: mysql-wordpress
labels:
- "traefik.enable=true"
- "traefik.http.routers.mysql.rule=Host(test.fr
)"
- "traefik.http.routers.mysql.entrypoints=web"
- traefik.tcp.routers.mysql.rule=HOSTSNI('*')
- traefik.tcp.routers.mysql.entrypoints=web
# - "traefik.http.routers.dashboard.entrypoints=web"
ports:
- 3306:3306
networks:
- proxy
environment:
- MYSQL_ROOT_PASSWORD=a
- MYSQL_DATABASE=wordpress
- MYSQL_PASSWORD=a
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"networks:
proxy:
external: true
Traefik.yml
#CONFIGURATION FICHIER STATIQUE
#LES FICHIERS STATIQUES SONT LES SERVICES
#QUI S'ACTIVENT AU DEMARRAGE
# _1 : Definir le point d'entrée (et donc le ports) qui sera à l'écoute.
entryPoints:
web:
address: 8081 #Ecoute sur le port 8081 et sur l'interface nommé "web"
#providers: #Decouvre les services qui vivent sur l'infracstructures (docker dans ce cas ci)
# docker: {}
# tls:
# ca: "/Users/arawaks/Documents/Programmation/docker and traefik/Trainings/traefik-v2-https-ssl-localhost/certs"
# cert: /Users/arawaks/Documents/Programmation/docker and traefik/Trainings/traefik-v2-https-ssl-localhost/certs/local-cert.pem"
# key: /Users/arawaks/Documents/Programmation/docker and traefik/Trainings/traefik-v2-https-ssl-localhost/certs/local-key.pem"
# insecureSkipVerify: true
#network: web
global:
sendAnonymousUsage: false
api:
dashboard: true
insecure: true
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
watch: true
exposedByDefault: false
file:
filename: config.yml
watch: true
log:
level: INFO
format: common
entryPoints:
http:
address: ":80"
http:
redirections:
entryPoint:
to: https
scheme: https
https:
address: ":443"
config.yaml
http:
routers:
traefik:
rule: "Host(`test.fr`)"
service: "api@internal"
tls:
domains:
- main: "test.fr"
sans:
- "*.test.fr"
- main: "domain.local"
sans:
- "*.domain.local"
tls:
certificates:
- certFile: "/Users/arawaks/Documents/Programmation/docker and traefik/Trainings/certs/local-cert.pem"
keyFile: "/Users/arawaks/Documents/Programmation/docker and traefik/Trainings/certs/local-key.pem"
I forgot to mention it above, but as you probably saw in the conf files I'm using docker, the final goal being that my wordpress site goes through a cloudflare tunnel, except that wordpress creates redirection problems (other services don't so I'm pretty sure it's coming from wordpress) so I want to auto-sign the site to see if that fixes the problem.
Currently I have a 404 page, everywhere, I had to do something in the fatigue that worsened the situation, it should not be very serious, my main problem remaining to use my wordpress container with a certificate.
A big thank you in advance to all