SSL not working

Hi, I don't know how to fix it but I work 2 days but traefik is still not working

time="2021-02-05T23:27:36Z" level=error msg="The ACME resolver \"myresolver\" is skipped from the resolvers list because: unable to get ACME account: permissions 644 for acme.json are too open, please use 600"
time="2021-02-05T23:27:36Z" level=error msg="HTTP challenge is not enabled" entryPointName=web routerName=acme-http@internal
time="2021-02-05T23:27:37Z" level=error msg="no args for matcher Host" entryPointName=web routerName=portainer@docker
time="2021-02-05T23:27:37Z" level=error msg="middleware \"redirect@docker\" does not exist" routerName=panel-http@docker entryPointName=web
time="2021-02-05T23:27:37Z" level=error msg="HTTP challenge is not enabled" routerName=acme-http@internal entryPointName=web
time="2021-02-05T23:27:37Z" level=error msg="no args for matcher Host" routerName=panel-https@docker entryPointName=websecure
time="2021-02-05T23:27:39Z" level=error msg="the router panel-https@docker uses a non-existent resolver: myresolver"

My start command

docker run -d -p 443:443 -p 80:80 --restart always --name traefik  -v /var/run/docker.sock:/var/run/docker.sock -v $PWD/traefik.toml:/etc/traefik/traefik.toml -v $PWD/acme.json:/acme.json traefik:v2.4

My traefik.toml

################################################################
#
# Configuration sample for Traefik v2.
#
# For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml
#
################################################################

################################################################
# Global configuration
################################################################
[global]
  checkNewVersion = true
  sendAnonymousUsage = true

################################################################
# Entrypoints configuration
################################################################
[api]
  dashboard = true
[http.routers.my-api]
  rule = "Host(`traefik.example.om`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
  service = "api@internal"
  middlewares = ["auth"]

[http.middlewares.auth.basicAuth]
  users = [
    "admin:$apr1$xxxx",
  ]
# Entrypoints definition
#
# Optional
# Default:
[entryPoints]
  [entryPoints.web]
    address = ":80"

  [entryPoints.websecure]
    address = ":443"
[certificatesResolvers.myresolver.acme]
  email = "email@example.com"
  storage = "acme.json"
  [certificatesResolvers.myresolver.acme.httpChallenge]
    # used during the challenge
    entryPoint = "web"

# Redirect to https
[http.middlewares]
  [http.middlewares.redirect.redirectScheme]
    scheme = "https"
    permanent = true

################################################################
# Traefik logs configuration
################################################################

# Traefik logs
# Enabled by default and log to stdout
#
# Optional
#
[log]

  # Log level
  #
  # Optional
  # Default: "ERROR"
  #
  # level = "DEBUG"

  # Sets the filepath for the traefik log. If not specified, stdout will be used.
  # Intermediate directories are created if necessary.
  #
  # Optional
  # Default: os.Stdout
  #
  # filePath = "log/traefik.log"

  # Format is either "json" or "common".
  #
  # Optional
  # Default: "common"
  #
  # format = "json"

################################################################
# Access logs configuration
################################################################

# Enable access logs
# By default it will write to stdout and produce logs in the textual
# Common Log Format (CLF), extended with additional fields.
#
# Optional
#
# [accessLog]

  # Sets the file path for the access log. If not specified, stdout will be used.
  # Intermediate directories are created if necessary.
  #
  # Optional
  # Default: os.Stdout
  #
  # filePath = "/path/to/log/log.txt"

  # Format is either "json" or "common".
  #
  # Optional
  # Default: "common"
  #
  # format = "json"


################################################################
# Ping configuration
################################################################

# Enable ping
[ping]

  # Name of the related entry point
  #
  # Optional
  # Default: "traefik"
  #
  # entryPoint = "traefik"

################################################################
# Docker configuration backend
################################################################

# Enable Docker configuration backend
[providers.docker]

  # Docker server endpoint. Can be a tcp or a unix socket endpoint.
  #
  # Required
  # Default: "unix:///var/run/docker.sock"
  #
  # endpoint = "tcp://10.10.10.10:2375"

  # Default host rule.
  #
  # Optional
  # Default: "Host(`{{ normalize .Name }}`)"
  #
  # defaultRule = "Host(`{{ normalize .Name }}.docker.localhost`)"

  # Expose containers by default in traefik
  #
  # Optional
  # Default: true
  #
  # exposedByDefault = false

Hi @Edouard127

You have all your configuration in one file. This needs to be split into static configuration and dynamic configuration.

Things like entryPoints, logging, certificate resolvers and provider definitions go in the static configuration,

Routers, middlewares, services and certificate stores are dynamic configuration from the providers.

In your case the static configuration will have to reference the file provider where you put the dynamic configuration.
https://doc.traefik.io/traefik/getting-started/configuration-overview/#configuration-introduction

1 Like