Unmarshal errors: line 1: cannot unmarshal !seq into map[string]interface {}

Traefik Traefik v2 (latest)
,
1

I'm trying to set up a Traefik instance on Docker Swarm and getting the following issue:

unmarshal errors:

  line 1: cannot unmarshal !!seq into map[string]interface {}

My traefik.yml:

entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: web-secure
          scheme: https
  web-secure:
    address: ":443"

log:
  level: DEBUG

api:
  insecure: true
  dashboard: true
  debug: true
  
providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  
certificatesResolvers:
  letsencrypt:
    acme:
      email: "removed"
      storage: "/acme.json"
      dnsChallenge:
        provider: "cloudflare"
        delayBeforeCheck: 0
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"
        options:
          apiToken: "removed"

My Docker Compose file:

version: '3.7'

services:
  traefik:
    image: traefik:v2.5
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.swarmmode=true"
      - "--entrypoints.http.address=:80"
      - "--entrypoints.https.address=:443"
      - "--certificatesresolvers.letsencrypt.acme.dnschallenge=true"
      - "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
      - "--certificatesresolvers.letsencrypt.acme.dnschallenge.delaybeforecheck=0"
      - "--certificatesresolvers.letsencrypt.acme.email=removed"
      - "--certificatesresolvers.letsencrypt.acme.storage=acme.json"
      - "--configfile=/traefik.yml"
    environment:
      - CF_API_TOKEN=removed
      - CF_API_EMAIL=removed
    networks:
      - traefik-net
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/home/cinder/traefik/traefik.toml:/traefik.yml"
      - "/home/cinder/traefik/acme.json:/acme.json"
    deploy:
      placement:
        constraints:
          - node.role == manager

  whoami:
    image: "containous/whoami"
    networks:
      - traefik-net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`h.cinderithink.lol`) && Path(`/whoami`)"
      - "traefik.http.routers.whoami.entrypoints=https"
      - "traefik.http.routers.whoami.tls=true"

networks:
  traefik-net:
    driver: overlay
2

What’s the context of your error?

You mount a .toml file as .yml file, maybe that’s the issue.

Are you running only a single Traefik instance on your Docker Swarm managers? LetsEncrypt with multiple is not so easy.

Whoami has TLS enabled, but I see no custom TLS certs and the certresolver is neither assigned globally to entrypoint nor within the labels.

Traefik command is for static config, you can not combine it with further --configFile. Currently you have static config twice, decide for one method.

I recommend to update Traefik to latest v2.9.

3

I removed the static command configs (I realized they are all in the yaml file), corrected the toml to yml, and added a certresolver field to whoami (and changed to the correct entrypoint). I have Traefik set to only run on the manager node but I have it running on Docker Swarm to use the Docker provider. Here are my updated files:

docker compose:

version: '3.7'

services:
  traefik:
    image: traefik:v2.5
    command:
      - "--configfile=/traefik.yml"
    environment:
      - CF_API_TOKEN=removed
      - CF_API_EMAIL=removed
    networks:
      - traefik-net
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/home/cinder/traefik/traefik.yml:/traefik.yml"
      - "/home/cinder/traefik/acme.json:/acme.json"
    deploy:
      placement:
        constraints:
          - node.role == manager

  whoami:
    image: "containous/whoami"
    networks:
      - traefik-net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`h.cinderithink.lol`) && Path(`/whoami`)"
      - "traefik.http.routers.whoami.entrypoints=web-secure"
      - "traefik.http.routers.whoami.tls=true"
      - "traefik.http.routers.whoami.tls.certresolver=letsencrypt"

networks:
  traefik-net:
    driver: overlay

traefik.yml:

entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: web-secure
          scheme: https
  web-secure:
    address: ":443"

log:
  level: DEBUG

api:
  insecure: true
  dashboard: true
  debug: true
  
providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  
certificatesResolvers:
  letsencrypt:
    acme:
      email: "removed"
      storage: "/acme.json"
      dnsChallenge:
        provider: "cloudflare"
        delayBeforeCheck: 0
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"
        options:
          cloudflare:
            apiToken: "removed"

Now, I'm getting the following error: command traefik error: field not found, node: options.

  1. How do I fix that
  2. Do I need to keep the environment variables for my email and Cloudflare API token? I assume not since they're in my traefik.yml.

Thanks!

4

I fixed my issue. Turns out you can't define your Cloudflare API token through the traefik.yml and have to do it through an environment variable.

5

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.