Hi,
I don't have much experience with traefik, but I keep reading about it a lot.
The main reason why I use traefik is that I have a DS-Lite (only IPv6 from outside) connection and I want to reach my HomeAssistant Server from outside (also IPv4).
So I found this cool Addon which does the work for me.
All is working fine, but I get this error that tells me that the ACME certificate could not be generated:
time="2021-02-02T00:15:01+01:00" level=error msg="Unable to obtain ACME certificate for domains \"hassio.mydomain.tk\": unable to generate a certificate for the domains [hassio.mydomain.tk]: error: one or more domains had a problem:\n[hassio.mydomain.tk] [hassio.mydomain.tk] acme: error presenting token: cloudflare: failed to create TXT record: error from makeRequest: HTTP status 401: \n" providerName=le.acme routerName=homeAssistantRouter@file rule="Host(`hassio.mydomain.tk`)"
I am also using Cloudflare with a *.tk domain from Freenom. I have read here that Cloudflare does not support Freenom domains anymore but there is a workaround for it. Unfortunately, I haven't found more information about it.
Can someone please help me with this problem?
Here are my redacted configs:
- addon configuration:
    log_level: info
    access_logs: false
    forwarded_headers_insecure: false
    dynamic_configuration_path: /config/traefik/
    letsencrypt:
      enabled: true
      email: my@email.com
      challenge_type: dnsChallenge
      provider: cloudflare
      delayBeforeCheck: 10
      resolvers:
        - '1.1.1.1:53'
        - '1.0.0.1:53'
    env_vars:
      - CF_DNS_API_TOKEN=ABC123...
- auto-generated traefik.yaml:
    global:
      checkNewVersion: false
      sendAnonymousUsage: false
    entryPoints:
      web:
        address: ":80"
      web-secure:
        address: ":443"
        forwardedHeaders:
          insecure: false
    api:
      dashboard: true
      insecure: true
    certificatesResolvers:
      le:
        acme:
          email: "my@email.com"
          storage: "/ssl/traefik/acme.json"
          dnsChallenge:
            provider: cloudflare
            delayBeforeCheck: 10
            resolvers:
              - "1.1.1.1:53"
              - "1.0.0.1:53"
    providers:
      file:
        directory: "/config/traefik/"
    log:
      level: INFO
- dynamics.yaml:
    http:
      routers:
        redirectToHttpsRouter:
          entryPoints: ["web"]
          middlewares: ["httpsRedirect"]
          rule: "HostRegexp(`{host:.+}`)"
          service: noopService
        homeAssistantRouter:
          rule: "Host(`hassio.mydomain.tk`)"
          entryPoints: ["web-secure"]
          tls:
            certResolver: le
          service: homeAssistantService
      middlewares:
        httpsRedirect:
          redirectScheme:
            scheme: https
      services:
        noopService:
          loadBalancer:
            servers:
              - url: "http://192.168.178.123"
        homeAssistantService:
          loadBalancer:
            servers:
              - url: "http://192.168.178.123:8123"
EDIT:
What I have tried so far:
- I created an origin certificate (cloudflare -> ssl/tls -> origin server -> origin certificates -> create certificate) and activated edge certificates (cloudflare -> ssl/tls -> edge certificates) in Cloudflare.
- Copied the origin certificate and key certificate from cloudflare to my HomeAssistant Server.
- Added the following code to my dynamics.yaml:
    tls:
      certificates:
        - certFile: /ssl/traefik/domain.cert
          keyFile: /ssl/traefik/domain.key
--> Now I get this error:
time="2021-02-02T00:17:14+01:00" level=error msg="servers transport not found default@internal" entryPointName=web routerName=redirectToHttpsRouter@file
time="2021-02-02T00:17:14+01:00" level=error msg="servers transport not found default@internal" entryPointName=web-secure routerName=homeAssistantRouter@file