使用Traefik和LetsEncrypt部署应用程序时出现“内部服务器错误”

时间:2020-04-16 22:11:43

标签: docker ssl https lets-encrypt traefik

我不熟悉Traefik的SSL证书,因此在成功部署方面遇到了真正的麻烦。

我有一个服务器和域,已使用Traefik和Http部署了我的应用程序,而没有任何问题。我现在想部署在端口9000上运行的同一应用程序,并在Traefik docs之后使用LetsEncrypt将其部署在Https中。我可以使用SSL检查器来验证证书是否已正确创建,但是,当我尝试访问该网站时,我得到了Internal Server Error。在任何一个docker日志中均未报告任何错误,我无法弄清楚下一步该怎么做。

docker-compose.yml 

version: '2'

services:
  traefik:
    image: traefik:v1.7
    restart: always
    ports:
      - 80:80
      - 443:443
    networks:
      - web
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /opt/traefik/traefik.toml:/traefik.toml
      - /opt/traefik/acme.json:/acme.json
    container_name: traefik

  app:
    image: myapp_image
    container_name: app
    restart: always
    networks:
      - web
    ports:
      - "9000:9000"
    labels:
      - "traefik.docker.network=web"
      - "traefik.enable=true"
      - "traefik.basic.frontend.rule=Host:myapp.com"
      - "traefik.basic.port=9000"
      - "traefik.basic.protocol=http"
      - "traefik.admin.frontend.rule=Host:myapp.com"
      - "traefik.admin.protocol=https"
      - "traefik.admin.port=9000"

networks:
  web:
    external: true

traefik.toml 

debug = false

logLevel = "ERROR"
defaultEntryPoints = ["https","http"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
  [entryPoints.https.tls]

[retry]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "myapp.com"
watch = true
exposedByDefault = false

[acme]
email = "myemail@email.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"

1 个答案:

答案 0 :(得分:0)

终于可以找到一个可行的解决方案。我可能只是在使用旧信息,但是找到here的最佳参考,该参考使用Traefik在LetsEncrypt的Https上托管应用程序。

有效的Yaml示例如下。使用此示例还将消除对Toml文件的需要!

version: "3.3"

services:

  traefik:
    image: "traefik:v2.2"
    container_name: "traefik"
    command:
      #- "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.myresolver.acme.email=postmaster@example.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "443:443"
      - "8080:8080"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

  whoami:
    image: "containous/whoami"
    container_name: "simple-service"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.example.com`)"
      - "traefik.http.routers.whoami.entrypoints=websecure"
      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
相关问题
最新问题