Hi,
I'm trying to find how to reload traefik when my certificates (that are stored in files updated via rsync every now and then) are renewed.
But it seems that when the certificate files are updated on the host, traefik doesn't load the new ones, and that is an issue because I have to manually restart traefik in order to update them.
Here is my compose traefik config:
version: '3.6'
services:
traefik:
image: traefik:v2.0
command:
- "--log.level=DEBUG"
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker=true
- --providers.docker.exposedByDefault=false
- --providers.docker.network=docker
- --providers.file.filename=config.toml
- --providers.file.watch=true
- --api.insecure=true
- --accesslog=true
networks:
- traefik
restart: always
ports:
- '80:80'
- '443:443'
- '8080:8080'
volumes:
- /home/web/data/config.toml:/config.toml
- /var/run/docker.sock:/var/run/docker.sock
- /etc/ssl/eri/:/etc/ssl/eri/:ro
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
networks:
traefik:
external: true
And the config.toml file
defaultEntryPoints = ["http", "https"]
# Connection to docker host system (docker.sock)
[docker]
domain = "eri.network"
watch = true
# This will hide all docker containers that don't have explicitly
# set label to "enable"
exposedbydefault = false
# Force HTTPS
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "websecure"
[entryPoints.websecure]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
certFile = "/etc/ssl/eri/fullchain.pem"
keyFile = "/etc/ssl/eri/privkey.pem"
[[tls.certificates]]
certFile = "/etc/ssl/eri/fullchain.pem"
keyFile = "/etc/ssl/eri/privkey.pem"
Hoping that someone can help me..
Kind regards,
Dorian