I cannot acces my containers via traefik

User1 · September 5, 2024, 7:46pm

Hello this is my traefik compose yml :

version: '3.9'
services:
  traefik:
    image: traefik:v3.0
    deploy:
        resources:
         limits:
          cpus: "4"
          memory: 5000M
    ports:
      - 80:80
      - 8080:8080
      - 8888:8888
      - 443:443
    networks:
      - dokos  # Removed bridge
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./config/letsencrypt:/letsencrypt
      - ./log:/var/log
    command:
      - --api.dashboard=true
      - "traefik.http.routers.dashboard.rule=Host(`dokos.org`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      - "traefik.http.routers.dashboard.service=api@internal"
      - "traefik.http.routers.dashboard.middlewares=auth"
      - --api.dashboard=true 
      - --api.insecure=true
      - --log.level=INFO
      - --log.filepath=/var/log/traefik.log
      - --accesslog=true
      - --accesslog.filepath=/var/log/traefik-access.log
      - --providers.docker.network=dokos
      - --providers.docker.exposedByDefault=false
      - --entrypoints.web.address=:80
      # - --entrypoints.web.http.redirections.entrypoint.to=websecure
      # - --entryPoints.web.http.redirections.entrypoint.scheme=https
      - --entrypoints.websecure.address=:443
      - --entrypoints.websecure.asDefault=true
      - --entrypoints.websecure.http.tls.certresolver=myresolver
      - --certificatesresolvers.myresolver.acme.email=dokos.yazilim@gmail.com
      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
      - --providers.swarm=true
      - --providers.swarm.endpoint=unix:///var/run/docker.sock
    labels:
      - traefik.enable=true
      - traefik.http.middlewares.mywwwredirect.redirectregex.regex=^https://www\.(.*)
      - traefik.http.middlewares.mywwwredirect.redirectregex.replacement=https://$${1}
      - traefik.http.routers.mydashboard.service=api@internal
      - traefik.http.routers.mydashboard.middlewares=auth
      - traefik.http.middlewares.auth.basicauth.users=fox:$$2y$$10$$e5y2BGu7rsMWNO2DwwcHquZmAt4675tCcs5A4q3.1W3atWLVlQ7gy

  front:
      image: strm/helloworld-http
      container_name: load-balancer
      depends_on:
        - traefik
      networks:
            - dokos  # Only using the overlay network
      labels:
            - traefik.enable=true
            - traefik.http.routers.fronttest.rule=Host(`fronttest.dokos.org`)
            - traefik.http.routers.fronttest.entrypoints=web
            - traefik.http.routers.fronttest.tls=true
            - traefik.http.routers.fronttest.tls.certresolver=myresolver
            - traefik.http.routers.fronttest.middlewares=mywwwredirect, auth 
            - traefik.http.routers.fronttest.service=fronttest
            - traefik.http.services.fronttest.loadbalancer.server.port=80

  portainer:
    image: portainer/portainer-ce:latest    
    deploy:
        resources:
         limits:
          cpus: "4"
          memory: 5000M 
    volumes:
        - portainer_data:/data
        - /var/run/docker.sock:/var/run/docker.sock
    restart: unless-stopped
    depends_on:
        - traefik
    ports:
        - 9000:9000
    networks:
            - dokos  # Only using the overlay network
    labels:
            - "traefik.enable=true"
            - "traefik.http.routers.portainer.rule=Host(`portainer.dokos.org`)"
            - traefik.http.routers.portainer.service=portainer
            - "traefik.http.routers.portainer.tls=true"
            - "traefik.http.routers.portainer.tls.certresolver=myresolver"
            - "traefik.http.routers.portainer.entrypoints=websecure"
            - "traefik.http.services.portainer.loadbalancer.server.port=9000"

volumes:
  portainer_data:
    driver: local
  laravel:
    driver: local

networks:
  dokos:
    name: dokos
    driver: overlay
    attachable: true
    external: true

When I try to reach portainer its giving 404 page.
Interesting problem its giving cannot find swarm error
:ERR Provider error, retrying in 305.622334ms error="Cannot connect to the Docker daemon at tcp://127.0.0.1:2377. Is the docker daemon running?" providerName=swarm

then I change swarm attributes like that:

--providers.swarm.endpoint=unix:///var/run/docker.sock
Its fixed.
but still pages its not coming. giving 404

I try every I found solution still I can t figure out what is the problem.
And dashboard not coming to.

close the firewall
swarm init
every container should same network

my access log error(reaching portainer) :

xxx.xxx.xxx.xx - - [05/Sep/2024:19:35:50 +0000] "GET / HTTP/1.1" 404 19 "-" "-" 1 "-" "-" 0ms
xxx.xxx.xxx.xx - - [05/Sep/2024:19:35:54 +0000] "GET / HTTP/1.1" 404 19 "-" "-" 2 "-" "-" 0ms
xxx.xxx.xxx.xx - - [05/Sep/2024:19:35:57 +0000] "GET /dashboard HTTP/1.1" 404 19 "-" "-" 3 "-" "-" 0ms
xxx.xxx.xxx.xx - - [05/Sep/2024:19:36:00 +0000] "GET / HTTP/1.1" 404 19 "-" "-" 4 "-" "-" 0ms
xxx.xxx.xxx.xx - - [05/Sep/2024:19:36:24 +0000] "GET / HTTP/1.1" 404 19 "-" "-" 5 "-" "-" 0ms
xxx.xxx.xxx.xx - - [05/Sep/2024:19:36:29 +0000] "GET / HTTP/1.1" 404 19 "-" "-" 6 "-" "-" 0ms

my debug traefik log:

com.docker.compose.depends_on:traefik:service_started:false com.docker.compose.image:sha256:744a24a2496a5fe0a9d744fe6c953699361a0829eb623e1d2a4cb268fa3a725e com.docker.compose.oneoff:False com.docker.compose.project:traefik com.docker.compose.project.config_files:/root/docker_composes/traefik/docker-compose.yml com.docker.compose.project.working_dir:/root/docker_composes/traefik com.docker.compose.replace:b27a4683938b85a31c8b3fe85f7e42793983b66069355f8a0684057d8ee6cca3 com.docker.compose.service:portainer com.docker.compose.version:2.29.2 com.docker.desktop.extension.api.version:>= 0.2.2 com.docker.desktop.extension.icon:https://portainer-io-assets.sfo2.cdn.digitaloceanspaces.com/logos/portainer.png com.docker.extension.additional-urls:[{"title":"Website","url":"https://www.portainer.io?utm_campaign=DockerCon&utm_source=DockerDesktop"},{"title":"Documentation","url":"https://docs.portainer.io"},{"title":"Support","url":"https://join.slack.com/t/portainer/shared_invite/zt-txh3ljab-52QHTyjCqbe5RibC2lcjKA"}] com.docker.extension.detailed-description:<p data-renderer-start-pos="226">Portainer&rsquo;s Docker Desktop extension gives you access to all of Portainer&rsquo;s rich management functionality within your docker desktop experience.</p><h2 data-renderer-start-pos="374">With Portainer you can:</h2><ul><li>See all your running containers</li><li>Easily view all of your container logs</li><li>Console into containers</li><li>Easily deploy your code into containers using a simple form</li><li>Turn your YAML into custom templates for easy reuse</li></ul><h2 data-renderer-start-pos="660">About Portainer&nbsp;</h2><p data-renderer-start-pos="680">Portainer is the worlds&rsquo; most popular universal container management platform with more than 650,000 active monthly users. Portainer can be used to manage Docker Standalone, Kubernetes, Docker Swarm and Nomad environments through a single common interface. It includes a simple GitOps automation engine and a Kube API.&nbsp;</p><p data-renderer-start-pos="1006">Portainer Business Edition is our fully supported commercial grade product for business-wide use. It includes all the functionality that businesses need to manage containers at scale. Visit <a class="sc-jKJlTe dPfAtb" href="http://portainer.io/" title="http://Portainer.io" data-renderer-mark="true">Portainer.io</a> to learn more about Portainer Business and <a class="sc-jKJlTe dPfAtb" href="http://portainer.io/take-3?utm_campaign=DockerCon&amp;utm_source=Docker%20Desktop" title="http://portainer.io/take-3?utm_campaign=DockerCon&amp;utm_source=Docker%20Desktop" data-renderer-mark="true">get 3 free nodes.</a></p> com.docker.extension.publisher-url:https://www.portainer.io com.docker.extension.screenshots:[{"alt": "screenshot one", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-1.png"},{"alt": "screenshot two", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-2.png"},{"alt": "screenshot three", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-3.png"},{"alt": "screenshot four", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-4.png"},{"alt": "screenshot five", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-5.png"},{"alt": "screenshot six", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-6.png"},{"alt": "screenshot seven", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-7.png"},{"alt": "screenshot eight", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-8.png"},{"alt": "screenshot nine", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-9.png"}] image:portainer/portainer-ce:latest io.portainer.server:true name:traefik-portainer-1 org.opencontainers.image.description:Docker container management made simple, with the world’s most popular GUI-based container management platform. org.opencontainers.image.title:Portainer org.opencontainers.image.vendor:Portainer.io traefik.enable:true traefik.http.routers.portainer.entrypoints:websecure traefik.http.routers.portainer.rule:Host(`portainer.kodos.org`) traefik.http.routers.portainer.service:portainer traefik.http.routers.portainer.tls:true traefik.http.routers.portainer.tls.certresolver:myresolver traefik.http.services.portainer.loadbalancer.server.port:9000]} Scope:local Time:1725564950 TimeNano:1725564950354950553} providerName=docker
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:321 > No default certificate, fallback to the internal generated certificate tlsStoreName=default
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/middlewares/auth/basic_auth.go:33 > Creating middleware entryPointName=websecure middlewareName=auth@docker middlewareType=BasicAuth routerName=mydashboard@docker
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/middlewares/observability/middleware.go:33 > Adding tracing to middleware entryPointName=websecure middlewareName=auth@docker routerName=mydashboard@docker
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/middlewares/recovery/recovery.go:22 > Creating middleware entryPointName=websecure middlewareName=traefik-internal-recovery middlewareType=Recovery
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/server/router/tcp/manager.go:237 > Adding route for traefik-traefik with TLS options default entryPointName=websecure
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:384 > Trying to challenge certificate for domain [traefik-traefik] found in HostSNI rule ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:851 > Looking for provided certificate(s) to validate ["traefik-traefik"]... ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:897 > Domains need ACME certificates generation for domains "traefik-traefik". ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory domains=["traefik-traefik"] providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:619 > Loading ACME certificates [traefik-traefik]... ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:251 > Building ACME client... providerName=myresolver.acme
2024-09-05T19:35:50Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:257 > https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/configurationwatcher.go:227 > Configuration received config={"http":{"middlewares":{"auth":{"basicAuth":{"users":["fox:$2y$10$e5y2BGu7rsMWNO2DwwcHquZmAt4675tCcs5A4q3.1W3atWLVlQ7gy"]}},"mywwwredirect":{"redirectRegex":{"regex":"^https://www\\.(.*)","replacement":"https://${1}"}}},"routers":{"fronttest":{"entryPoints":["web"],"middlewares":["mywwwredirect","auth"],"rule":"Host(`fronttest.kodos.org`)","service":"fronttest","tls":{"certResolver":"myresolver"}},"mydashboard":{"middlewares":["auth"],"rule":"Host(`traefik-traefik`)","service":"api@internal"},"portainer":{"entryPoints":["websecure"],"rule":"Host(`portainer.kodos.org`)","service":"portainer","tls":{"certResolver":"myresolver"}}},"services":{"fronttest":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://10.0.1.36:80"}]}},"portainer":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://10.0.1.37:9000"}]}},"traefik-traefik":{"loadBalancer":{"passHostHeader":true,"responseForwarding":{"flushInterval":"100ms"},"servers":[{"url":"http://10.0.1.34:80"}]}}}},"tcp":{},"tls":{},"udp":{}} providerName=docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/aggregator.go:51 > No entryPoint defined for this router, using the default one(s) instead entryPointName=["websecure"] routerName=mydashboard
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:331 > Using TLS Challenge provider. providerName=myresolver.acme
2024-09-05T19:35:51Z DBG github.com/go-acme/lego/v4@v4.17.4/log/logger.go:48 > [INFO] [traefik-traefik] acme: Obtaining bundled SAN certificate lib=lego
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:321 > No default certificate, fallback to the internal generated certificate tlsStoreName=default
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/service/service.go:259 > Creating load-balancer entryPointName=web routerName=fronttest@docker serviceName=fronttest@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/service/service.go:301 > Creating server entryPointName=web routerName=fronttest@docker serverName=c76c5a592af58fee serviceName=fronttest@docker target=http://10.0.1.36:80
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/auth/basic_auth.go:33 > Creating middleware entryPointName=web middlewareName=auth@docker middlewareType=BasicAuth routerName=fronttest@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/observability/middleware.go:33 > Adding tracing to middleware entryPointName=web middlewareName=auth@docker routerName=fronttest@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/redirect/redirect_regex.go:17 > Creating middleware entryPointName=web middlewareName=mywwwredirect@docker middlewareType=RedirectRegex routerName=fronttest@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/redirect/redirect_regex.go:18 > Setting up redirection from ^https://www\.(.*) to https://${1} entryPointName=web middlewareName=mywwwredirect@docker middlewareType=RedirectRegex routerName=fronttest@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/observability/middleware.go:33 > Adding tracing to middleware entryPointName=web middlewareName=mywwwredirect@docker routerName=fronttest@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/recovery/recovery.go:22 > Creating middleware entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/service/service.go:259 > Creating load-balancer entryPointName=websecure routerName=portainer@docker serviceName=portainer@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/service/service.go:301 > Creating server entryPointName=websecure routerName=portainer@docker serverName=f502341ba90d4b3a serviceName=portainer@docker target=http://10.0.1.37:9000
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/auth/basic_auth.go:33 > Creating middleware entryPointName=websecure middlewareName=auth@docker middlewareType=BasicAuth routerName=mydashboard@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/observability/middleware.go:33 > Adding tracing to middleware entryPointName=websecure middlewareName=auth@docker routerName=mydashboard@docker
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/middlewares/recovery/recovery.go:22 > Creating middleware entryPointName=websecure middlewareName=traefik-internal-recovery middlewareType=Recovery
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/router/tcp/manager.go:237 > Adding route for fronttest.kodos.org with TLS options default entryPointName=web
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/router/tcp/manager.go:237 > Adding route for portainer.kodos.org with TLS options default entryPointName=websecure
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/server/router/tcp/manager.go:237 > Adding route for traefik-traefik with TLS options default entryPointName=websecure
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:384 > Trying to challenge certificate for domain [fronttest.kodos.org] found in HostSNI rule ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=fronttest@docker rule=Host(`fronttest.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:384 > Trying to challenge certificate for domain [portainer.kodos.org] found in HostSNI rule ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=portainer@docker rule=Host(`portainer.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:384 > Trying to challenge certificate for domain [traefik-traefik] found in HostSNI rule ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:851 > Looking for provided certificate(s) to validate ["traefik-traefik"]... ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:851 > Looking for provided certificate(s) to validate ["fronttest.kodos.org"]... ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=fronttest@docker rule=Host(`fronttest.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:851 > Looking for provided certificate(s) to validate ["portainer.kodos.org"]... ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=portainer@docker rule=Host(`portainer.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:895 > No ACME certificate generation required for domains ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory domains=["traefik-traefik"] providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:897 > Domains need ACME certificates generation for domains "fronttest.kodos.org". ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory domains=["fronttest.kodos.org"] providerName=myresolver.acme routerName=fronttest@docker rule=Host(`fronttest.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:619 > Loading ACME certificates [fronttest.kodos.org]... ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=fronttest@docker rule=Host(`fronttest.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/go-acme/lego/v4@v4.17.4/log/logger.go:48 > [INFO] [fronttest.kodos.org] acme: Obtaining bundled SAN certificate lib=lego
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:897 > Domains need ACME certificates generation for domains "portainer.kodos.org". ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory domains=["portainer.kodos.org"] providerName=myresolver.acme routerName=portainer@docker rule=Host(`portainer.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:619 > Loading ACME certificates [portainer.kodos.org]... ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory providerName=myresolver.acme routerName=portainer@docker rule=Host(`portainer.kodos.org`)
2024-09-05T19:35:51Z DBG github.com/go-acme/lego/v4@v4.17.4/log/logger.go:48 > [INFO] [portainer.kodos.org] acme: Obtaining bundled SAN certificate lib=lego
2024-09-05T19:35:51Z ERR github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:396 > Unable to obtain ACME certificate for domains error="unable to generate a certificate for the domains [traefik-traefik]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Invalid identifiers requested :: Cannot issue for \"traefik-traefik\": Domain name needs at least one dot" ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory domains=["traefik-traefik"] providerName=myresolver.acme routerName=mydashboard@docker rule=Host(`traefik-traefik`)
2024-09-05T19:35:52Z ERR github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:396 > Unable to obtain ACME certificate for domains error="unable to generate a certificate for the domains [portainer.kodos.org]: acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/" ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory domains=["portainer.kodos.org"] providerName=myresolver.acme routerName=portainer@docker rule=Host(`portainer.kodos.org`)
2024-09-05T19:35:52Z ERR github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:396 > Unable to obtain ACME certificate for domains error="unable to generate a certificate for the domains [fronttest.kodos.org]: acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/" ACME CA=https://acme-v02.api.letsencrypt.org/directory acmeCA=https://acme-v02.api.letsencrypt.org/directory domains=["fronttest.kodos.org"] providerName=myresolver.acme routerName=fronttest@docker rule=Host(`fronttest.kodos.org`)
2024-09-05T19:36:04Z DBG github.com/traefik/traefik/v3/pkg/server/configurationwatcher.go:227 > Configuration received config={"http":{},"tcp":{},"tls":{},"udp":{}} providerName=swarm
2024-09-05T19:36:04Z DBG github.com/traefik/traefik/v3/pkg/server/configurationwatcher.go:127 > Skipping unchanged configuration providerName=swarm
2024-09-05T19:36:19Z DBG github.com/traefik/traefik/v3/pkg/server/configurationwatcher.go:227 > Configuration received config={"http":{},"tcp":{},"tls":{},"udp":{}} providerName=swarm
2024-09-05T19:36:19Z DBG github.com/traefik/traefik/v3/pkg/server/configurationwatcher.go:127 > Skipping unchanged configuration providerName=swarm
2024-09-05T19:36:31Z DBG github.com/traefik/traefik/v3/pkg/provider/docker/pdocker.go:111 > Provider event received {Status:die ID:39738a00aabb9b70d049e56a0e9ed86910c4764ec1452365c357572db63421a8 From:portainer/portainer-ce:latest Type:container Action:die Actor:{ID:39738a00aabb9b70d049e56a0e9ed86910c4764ec1452365c357572db63421a8 Attributes:map[com.docker.compose.config-hash:19cce6a2e45f138f19a90168d4fd0c9479246c6b52f803900303fd6a2fbaadc5 com.docker.compose.container-number:1 com.docker.compose.depends_on:traefik:service_started:false com.docker.compose.image:sha256:744a24a2496a5fe0a9d744fe6c953699361a0829eb623e1d2a4cb268fa3a725e com.docker.compose.oneoff:False com.docker.compose.project:traefik com.docker.compose.project.config_files:/root/docker_composes/traefik/docker-compose.yml com.docker.compose.project.working_dir:/root/docker_composes/traefik com.docker.compose.replace:b27a4683938b85a31c8b3fe85f7e42793983b66069355f8a0684057d8ee6cca3 com.docker.compose.service:portainer com.docker.compose.version:2.29.2 com.docker.desktop.extension.api.version:>= 0.2.2 com.docker.desktop.extension.icon:https://portainer-io-assets.sfo2.cdn.digitaloceanspaces.com/logos/portainer.png com.docker.extension.additional-urls:[{"title":"Website","url":"https://www.portainer.io?utm_campaign=DockerCon&utm_source=DockerDesktop"},{"title":"Documentation","url":"https://docs.portainer.io"},{"title":"Support","url":"https://join.slack.com/t/portainer/shared_invite/zt-txh3ljab-52QHTyjCqbe5RibC2lcjKA"}] com.docker.extension.detailed-description:<p data-renderer-start-pos="226">Portainer&rsquo;s Docker Desktop extension gives you access to all of Portainer&rsquo;s rich management functionality within your docker desktop experience.</p><h2 data-renderer-start-pos="374">With Portainer you can:</h2><ul><li>See all your running containers</li><li>Easily view all of your container logs</li><li>Console into containers</li><li>Easily deploy your code into containers using a simple form</li><li>Turn your YAML into custom templates for easy reuse</li></ul><h2 data-renderer-start-pos="660">About Portainer&nbsp;</h2><p data-renderer-start-pos="680">Portainer is the worlds&rsquo; most popular universal container management platform with more than 650,000 active monthly users. Portainer can be used to manage Docker Standalone, Kubernetes, Docker Swarm and Nomad environments through a single common interface. It includes a simple GitOps automation engine and a Kube API.&nbsp;</p><p data-renderer-start-pos="1006">Portainer Business Edition is our fully supported commercial grade product for business-wide use. It includes all the functionality that businesses need to manage containers at scale. Visit <a class="sc-jKJlTe dPfAtb" href="http://portainer.io/" title="http://Portainer.io" data-renderer-mark="true">Portainer.io</a> to learn more about Portainer Business and <a class="sc-jKJlTe dPfAtb" href="http://portainer.io/take-3?utm_campaign=DockerCon&amp;utm_source=Docker%20Desktop" title="http://portainer.io/take-3?utm_campaign=DockerCon&amp;utm_source=Docker%20Desktop" data-renderer-mark="true">get 3 free nodes.</a></p> com.docker.extension.publisher-url:https://www.portainer.io com.docker.extension.screenshots:[{"alt": "screenshot one", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-1.png"},{"alt": "screenshot two", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-2.png"},{"alt": "screenshot three", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-3.png"},{"alt": "screenshot four", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-4.png"},{"alt": "screenshot five", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-5.png"},{"alt": "screenshot six", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-6.png"},{"alt": "screenshot seven", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-7.png"},{"alt": "screenshot eight", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-8.png"},{"alt": "screenshot nine", "url": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-9.png"}] exitCode:2 image:portainer/portainer-ce:latest io.portainer.server:true name:traefik-portainer-1 org.opencontainers.image.description:Docker container management made simple, with the world’s most popular GUI-based container management platform. org.opencontainers.image.title:Portainer org.opencontainers.image.vendor:Portainer.io traefik.enable:true traefik.http.routers.portainer.entrypoints:websecure traefik.http.routers.portainer.rule:Host(`portainer.kodos.org`) traefik.http.routers.portainer.service:portainer traefik.http.routers.portainer.tls:true traefik.http.routers.portainer.tls.certresolver:myresolver traefik.http.services.portainer.loadbalancer.server.port:9000]} Scope:local Time:1725564991 TimeNano:1725564991687747220} providerName=docker

terminal docker :

root@debian12:~/docker_composes/traefik# network ls
bash: network: command not found
root@debian12:~/docker_composes/traefik# docker network ls
NETWORK ID     NAME              DRIVER    SCOPE
28339c3aa4ce   bridge            bridge    local
1dc04b4d10d0   docker_gwbridge   bridge    local
6121df845b78   host              host      local
e257cuo7llg0   ingress           overlay   swarm
r9xd6ujtxccu   dokos             overlay   swarm
918633f21c04   none              null      local
root@debian12:~/docker_composes/traefik# systemctl status docker
● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; ena>
     Active: active (running) since Thu 2024-09-05 22:04:26 >
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 777 (dockerd)
      Tasks: 15
     Memory: 149.8M
        CPU: 1min 29.391s
     CGroup: /system.slice/docker.service
             └─777 /usr/sbin/dockerd -H fd:// --containerd=/>

Sep 05 22:36:31 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:36:32 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:36:32 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:36:32 debian12 dockerd[777]: http: superfluous res>
Sep 05 22:36:32 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:36:32 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:36:33 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:36:33 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:39:27 debian12 dockerd[777]: time="2024-09-05T22:3>
Sep 05 22:39:27 debian12 dockerd[777]: time="2024-09-05T22:3>

root@debian12:~/docker_composes/traefik# docker -v
Docker version 20.10.24+dfsg1, build 297e128
root@debian12:~/docker_composes/traefik#

@bluepuma77

bluepuma77 · September 5, 2024, 9:08pm

There seems to be a mixup of static and dynamic config. Maybe compare with simple Traefik Swarm example.

Note that Swarm with Traefik and LetsEncrypt isn’t easy, as ist not LetsEncrypt cluster-enabled. So for starters you should probably only use one Traefik instance or constrain it to a single fixed manager node.

Or use dnsChallenge with up to 5 instances. But persist the keys, as you will hit the limit otherwise.

bluepuma77 · September 5, 2024, 9:09pm

Note that Traefik Mesh is probably the wrong category.

Topic		Replies	Views
Website not accessable ERR_CONNECTION_CLOSED Traefik v2 docker	0	765	April 2, 2021
Service not accessible on domain Traefik v3 (latest) docker	13	177	August 28, 2024
Traefik does not route correctly to apps Traefik v2 docker	0	529	April 21, 2022
Need Help with Traefik and Docker Compose Setup - Can't Access Containers Externally Traefik v2 docker	2	2776	December 8, 2023
Unable to securely(https) access the application with traefik in docker-compose Traefik v1 docker	0	410	May 27, 2022

I cannot acces my containers via traefik

Related topics