My docker-compose.yml
version: "3.3"
services:
  traefik:
    image: "traefik:v2.0.0-rc3"
    container_name: "traefik"
    networks:
      - web
    ports:
      - "443:443"
      - "8080:8080"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - $PWD/traefik.toml:/traefik.toml
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
  web:
    external: true
traefik.toml contents
[global]
checkNewVersion = true
sendAnonymousUsage = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[log]
level = "DEBUG"
[api]
dashboard = true
insecure = true
[ping]
[providers.docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false
[certificatesResolvers.le.acme]
email = "bharatkalluri@protonmail.com"
storage = "acme.json"
[certificatesResolvers.le.acme.httpChallenge]
entryPoint = "web"
[certificatesResolvers.le.acme.tlsChallenge]
and for one subdomain, my docker-compose file is as follows
version: '3.6'
services:
  app:
    build: .
    labels:
      - traefik.enable=true
      - traefik.startpage.frontend.rule=Host:start.bharatkalluri.in
      - traefik.startpage.protocol=https
      - traefik.startpage.port=8001
      - traefik.http.routers.startpage.rule=Host(`start.bharatkalluri.in`)
      - traefik.http.routers.startpage.tls=true
      - traefik.http.routers.startpage.tls.certresolver=le
    ports:
      - "8001:8001"
    networks:
      - web
      - default
networks:
  web:
    external: true
I am sure there is something wrong as the letsencrypt folder is empty. Every time I hit the HTTPS endpoint, I get a message saying Gateway timeout. The website works if I hit it directly using IP and port address. Please let me know where the mistake is.
ldez, February 9, 2020, 3:41pm
Hello,
Could you use the latest stable version instead of the pretty old RC version:
traefik:v2.1.4
You mixed configuration from v1 and v2 of Traefik.
labels:
  - traefik.enable=true
  - traefik.http.routers.startpage.rule=Host(`start.bharatkalluri.in`)
  - traefik.http.routers.startpage.tls=true
  - traefik.http.routers.startpage.tls.certresolver=le
  - traefik.http.routers.startpage.entrypoints=websecure
  - traefik.http.services.startpage.loadbalancer.server.port=8001
You cannot use the TLS challenge and the HTTP at the same time
[global]
checkNewVersion = true
sendAnonymousUsage = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[log]
level = "INFO"
[api]
insecure = true
[ping]
[providers.docker]
endpoint = "unix:///var/run/docker.sock"
exposedbydefault = false
[certificatesResolvers.le.acme]
email = "bharatkalluri@protonmail.com"
storage = "acme.json"
[certificatesResolvers.le.acme.tlsChallenge]
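A small linter for the points raised in the reply above (v1 labels mixed with v2, two ACME challenges on one resolver, and the entrypoints and server-port labels the corrected set adds), as an added example that is not part of the original thread or of Traefik. The function names, and the rule that any `traefik.` key outside the listed v2 namespaces counts as v1 syntax, are assumptions of this example; the sample input is constructed from the first post.

```python
import re

# Assumption of this example: keys under "traefik." that are outside these
# v2 namespaces are treated as leftover v1 syntax.
V2_KEY = re.compile(r"^traefik\.(enable$|docker\.|http\.|tcp\.|udp\.)")
ROUTER = re.compile(r"^traefik\.http\.routers\.([^.]+)\.")
CHALLENGE = re.compile(
    r"^\s*\[certificatesResolvers\.([^.\]]+)\.acme\.(\w+Challenge)\]", re.M)


def lint_labels(labels):
    """Return findings for one container's list of 'key=value' labels."""
    keys = {k: v for k, _, v in (item.partition("=") for item in labels)}
    findings = [f"v1-style label: {k}" for k in keys
                if k.startswith("traefik.") and not V2_KEY.match(k)]
    routers = sorted({m.group(1) for k in keys if (m := ROUTER.match(k))})
    for name in routers:
        if f"traefik.http.routers.{name}.entrypoints" not in keys:
            findings.append(f"router {name}: no entrypoints label")
    if routers and not any(k.endswith(".loadbalancer.server.port") for k in keys):
        findings.append("no loadbalancer.server.port label")
    return findings


def lint_acme(toml_text):
    """Return resolvers that declare more than one ACME challenge type."""
    seen = {}
    for resolver, challenge in CHALLENGE.findall(toml_text):
        seen.setdefault(resolver, set()).add(challenge)
    return {r: sorted(c) for r, c in seen.items() if len(c) > 1}


# Constructed input: labels and resolver sections copied from the first post.
QUESTION_LABELS = [
    "traefik.enable=true",
    "traefik.startpage.frontend.rule=Host:start.bharatkalluri.in",
    "traefik.startpage.protocol=https",
    "traefik.startpage.port=8001",
    "traefik.http.routers.startpage.rule=Host(`start.bharatkalluri.in`)",
    "traefik.http.routers.startpage.tls=true",
    "traefik.http.routers.startpage.tls.certresolver=le",
]
QUESTION_TOML = """
[certificatesResolvers.le.acme.httpChallenge]
[certificatesResolvers.le.acme.tlsChallenge]
"""

if __name__ == "__main__":
    print(lint_labels(QUESTION_LABELS), lint_acme(QUESTION_TOML))
```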
Hi @ldez,
Thanks for taking out time to reply!
As you suggested, I have updated all the files as per your suggestion.
docker-compose.yml
version: "3.3"
services:
  traefik:
    image: "traefik:v2.1.4"
    container_name: "traefik"
    networks:
      - web
    ports:
      - "443:443"
      - "8080:8080"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - $PWD/traefik.toml:/traefik.toml
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
  web:
    external: true
traefik.toml
[global]
checkNewVersion = true
sendAnonymousUsage = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[log]
level = "DEBUG"
[api]
dashboard = true
insecure = true
[ping]
[providers.docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false
[certificatesResolvers.le.acme]
email = "bharatkalluri@protonmail.com"
storage = "acme.json"
[certificatesResolvers.le.acme.tlsChallenge]
My website's docker-compose.yml
version: "3.6"
services:
  app:
    build: .
    ports:
      - "8001:8001"
    labels:
      - traefik.enable=true
      - traefik.http.routers.startpage.rule=Host(`start.bharatkalluri.in`)
      - traefik.http.routers.startpage.tls=true
      - traefik.http.routers.startpage.tls.certresolver=le
      - traefik.http.services.startpage.loadbalancer.server.port=8001
networks:
  web:
    external: true
Now when I hit the IP and port, the website is up. But on https it times out, and on http it fails to connect.
Update: I removed the network:web everywhere to test. Now the certificate served for start.bharatkalluri.in is TRAEFIK DEFAULT CERT, and the website still times out (504: Gateway time out).
Update 2: After digging through logs, I found this:
Error creating new order :: too many certificates already issued for exact set of domains: start.bharatkalluri.in: see https://letsencrypt.org/docs/rate-limits/, url: " routerName=startpage@docker rule="Host(`start.bharatkalluri.in`)" providerName=le.acme,
Apparently I hit the rate limit, although I am not sure how. Even if I live with the default traefik certificate, I still am hitting gateway timeout. Any suggestions as to how I can fix this?