traefik worked for the last 2 weeks like a charm, until I had to restart my NAS and realized the /etc/traefik folder doesn't exist anymore after the reboot.
So I wanted to change my folder and link to ./etc/traefik within my compose folder.
version: '3' services: traefik: image: traefik:latest container_name: traefik ports: - 80:80 - 443:443 - 8080:8080 # (optional) expose the dashboard ! don't use in production! - 51820:51820/udp # wireguard volumes: - ./etc/traefik:/etc/traefik - ./ssl-certs/:/ssl-certs/ - /var/run/docker.sock:/var/run/docker.sock - ./logs:/logs restart: unless-stopped networks: - traefik networks: traefik: external: true
And my traefik.yml looks like this:
global: checkNewVersion: true sendAnonymousUsage: false # true by default # (Optional) Enable API and Dashboard # --- api: dashboard: true # true by default insecure: true # Don't do this in production! # Entry Points configuration # --- entryPoints: web: address: :80 # (Optional) Redirect to HTTPS http: redirections: entryPoint: to: websecure scheme: https websecure: address: :443 wireguard: address: :51820/udp # Configure your CertificateResolver here... # --- certificatesResolvers: staging: acme: email: email@example.com storage: /ssl-certs/acme.json caServer: "https://acme-staging-v02.api.letsencrypt.org/directory" httpChallenge: entryPoint: web production: acme: email: firstname.lastname@example.org storage: /ssl-certs/acme.json caServer: "https://acme-v02.api.letsencrypt.org/directory" httpChallenge: entryPoint: web #(Optional) Overwrite Default Certificates tls: stores: default: defaultCertificate: certFile: /ssl-certs/cert.pem keyFile: /ssl-certs/cert-key.pem #(Optional) Disable TLS version 1.0 and 1.1 options: default: minVersion: VersionTLS12 providers: docker: exposedByDefault: false file: # watch for dynamic configuration changes directory: /etc/traefik watch: true
After I changed my folders to the local one, the acme.json was created properly. But I always receive the error:
level=error msg="Error while creating certificate store: failed to load X509 key pair: tls: failed to find any PEM data in certificate input" tlsStoreName=default
Afterwards of course all certificates fail:
Unable to obtain ACME certificate for domains \"whoami.mydomain.com\": unable to generate a certificate for the domains [whoami.mydomain.com]: error: one or more domains had a problem:\n[whoami.mydomain.com] acme: error: 400
I tried to figure out what that error is, but to be honest, I have absolutely no clue.
Does anyone have an idea what this could be?
Thank you and best regards