Hi,
I've been switching from nginx-proxy to traefik, using a step-ca ACME provider.
This works fine for my services that are beind traefik, yet I can't seem to get it to work for the traefik dashboard itself.
Traefik is running in docker.
I have the following static conf traefik.yaml
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
network: internal
log:
level: INFO
api:
dashboard: true
accesslogs: {}
certificatesResolvers:
stepca:
acme:
caServer: "https://smallstep-ca.internal:9000/acme/acme/directory"
email: "mymail@tld.org"
storage: "/etc/traefik/acme.json"
certificatesDuration: 2160
tlsChallenge: true
entryPoints:
http:
address: ":80"
http:
redirections:
entryPoint:
to: https
scheme: https
https:
address: ":443"
http:
tls:
certresolver: stepca
I'm passing these labels with the traefik container:
"traefik.http.routers.dashboard.rule=Host(`traefik.home.lan`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
"traefik.http.routers.dashboard.service=api@internal"
"traefik.http.routers.dashboard.middlewares=auth"
"traefik.http.middlewares.auth.basicauth.users=admin:<myhashhere>"
Traefik doesn't seem to request a cert for traefik.home.lan, and hence only serves me the default traefik cert.
Am I missing something somewhere?