Hi everyone, I'm having trouble generating certificates. The environment is docker swarm and here are my compose:
Traefik configuration:
version: '3'
services:
traefik:
image: traefik:v2.5
ports:
- "80:80"
- "443:443"
# (Optional) Expose Dashboard
- "8080:8080" # Don't do this in production!
networks:
- traefik-public
volumes:
# - /volume1/docker/traefik:/etc
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-public-certificates:/certificates
command:
# Definizione configurazioni globali
- --global.checkNewVersion
- --global.sendAnonymousUsage
# Definizione configurazione dashboard
- --api.dashboard=true
- --api.insecure=true
- --api.debug=true # enable additional endpoints for debugging and profiling
- --log.level=DEBUG # debug while we get it working, for more levels/info see https://docs.traefik.io/observability/logs/
# Definizione degli entrypoints
- --entryPoints.web.address=:80
- --entryPoints.web.http.redirections.entryPoint.to=websecure
- --entryPoints.web.http.redirections.entryPoint.scheme=https
- --entryPoints.websecure.address=:443
# # Definizione del risolutore di certificati
# # Di staging
- --certificatesResolvers.staging.acme.email=giuseppe9909@gmail.com
- --certificatesResolvers.staging.acme.storage=/certificates/acme.json
- --certificatesResolvers.staging.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.staging.acme.tlschallenge=true
- --certificatesResolvers.staging.acme.httpChallenge.entryPoint=web
# # Di produzione
- --certificatesResolvers.production.acme.email=giuseppe9909@gmail.com
- --certificatesResolvers.production.acme.storage=/certificates/acme.json
- --certificatesResolvers.production.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
- --certificatesresolvers.production.acme.tlschallenge=true
- --certificatesResolvers.production.acme.httpChallenge.entryPoint=websecure
# - --certificatesresolvers.le.acme.email=giuseppe9909@gmail.com
# - --certificatesresolvers.le.acme.storage=/certificates/acme.json
# - --certificatesresolvers.le.acme.tlschallenge=true
# Definizione dei providers
- --providers.docker=true
- --providers.docker.swarmmode=true
- --providers.docker.exposedByDefault=false
- --providers.docker.network=traefik-public
# - --providers.docker.constraints=Label(`traefik.constraint-label`, `traefik-public`)
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role == manager]
# Volume per il salvataggio dei certificati. Si trova solo sul nodo master
volumes:
traefik-public-certificates:
networks:
traefik-public:
external: true
Whoami configuration:
version: '3'
services:
whoami:
image: traefik/whoami
networks:
- traefik-public
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role == manager]
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik-public"
- "traefik.http.routers.whoami.entrypoints=web"
- "traefik.http.routers.whoami.rule=Host(`beppetemp.home.it`)"
- traefik.http.routers.whoami-https.tls=true
- traefik.http.routers.whoami-https.entrypoints=websecure
- traefik.http.routers.whoami-https.tls.certresolver=production
- traefik.http.routers.whoami-https.rule=Host(`beppetemp.home.it`)
- "traefik.http.services.whoami.loadbalancer.server.port=80"
networks:
traefik-public:
external: true
The error that comes out in the log of the container of traefik is in the following:
time="2022-01-04T20:00:04Z" level=error msg="Unable to obtain ACME certificate for domains "beppetemp.home.it": unable to generate a certificate for the domains [beppetemp.home.it]: error: one or more domains had a problem:\n[beppetemp.home.it] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for beppetemp.home.it - check that a DNS record exists for this domain\n" routerName=whoami-https@docker rule="Host(
beppetemp.home.it)" providerName=production.acme
does anyone know how to help me?
thanks a lot