Troubles using Traefik ACME CloudFlare cert resolver (without Docker Compose/Kubernetes)

Hi there,

I'm stumped trying to get an ACME certificate for my CloudFlare domain. Almost all examples out there are using Docker Compose to specify the CF_API_EMAIL and CF_API_KEY environment variables. But when you are NOT using Docker or Kubernetes, how are you supposed to supply the values for these?

I have tried making a system-wide environment variable but it doesn't seem that Traefik or the underlying ACME resolver thing can actually see those environment variables, even though they should be available to all users on the machine. See error below (I have substituted my actual domain with "example.com"):

ERRO[2022-12-30T22:53:57Z] Unable to obtain ACME certificate for domains "example.com,*.example.com"  routerName=my-router@file rule="Host(`example.com`)" error="cannot get ACME client cloudflare: some credentials information are missing: CLOUDFLARE_EMAIL,CLOUDFLARE_API_KEY or some credentials information are missing: CLOUDFLARE_DNS_API_TOKEN,CLOUDFLARE_ZONE_API_TOKEN" ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=cloudflare.acme

Has anyone managed to get this working without using Docker Compose or Kubernetes?

Thanks,
jutrasb

How do you run Traefik? As system service? Check this old post.

Huge thanks @bluepuma77 for pointing me in the right direction! For those finding this thread later on, you can create a traefik.service file in /etc/system.d/system with the following contents:

[Unit]
Description=Traefik
Documentation=https://doc.traefik.io/traefik/
After=network-online.target

[Service]
Environment=CLOUDFLARE_EMAIL=example@email.com
Environment=CLOUDFLARE_API_KEY=123456yourcloudflareapikeyhere7890
Type=notify
ExecStart=/path/to/traefik --configFile=/path/to/traefik.yml
#Restart=always
#WatchdogSec=1s

[Install]
WantedBy=multi-user.target

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.