我希望这里有人可以帮助我。
我已经在Synology NAS上的docker中设置了Traefik,并指向端口80和443。除TLS外,其他所有功能均正常。我正在使用Cloudflare DNS挑战,无论我输入什么内容,始终会产生401无效凭据错误。我已三重检查我的电子邮件和API密钥是否正确。还有其他人遇到此问题吗?非常感谢您的帮助:)
docker-compose.yaml
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
- 8080:8080
environment:
- "CF_API_EMAIL=email"
- "CF_API_KEY=api"
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${USERDIR}/traefik/data/traefik.yaml:/traefik.yml:ro
- ${USERDIR}/traefik/data/config.yaml:/config.yml:ro
- ${USERDIR}/traefik/data/acme:/acme
whoami:
container_name: whoami
image: containous/whoami
networks:
- proxy
security_opt:
- no-new-privileges:true
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`example.com`)"
- "traefik.http.routers.whoami.entrypoints=https"
- "traefik.http.routers.whoami.tls=true"
- "traefik.http.routers.whoami.tls.certResolver=myresolver"
traefik.yaml
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
network: proxy
file:
filename: ./config.yml
certificatesResolvers:
myresolver:
acme:
email: email
storage: /acme/acme.json
dnsChallenge:
provider: cloudflare
resolvers:
- 1.1.1.1:53
- 1.0.0.1:53
caServer: https://acme-staging-v02.api.letsencrypt.org/directory
日志
level=error msg="Unable to obtain ACME certificate for domains "example.com": unable to generate a certificate for the domains [example.com]: error: one or more domains had a problem:\n[example.com] [example.com] acme: error presenting token: cloudflare: failed to create TXT record: error from makeRequest: HTTP status 401: invalid credentials\n" providerName=myresolver.acme routerName=whoami@docker rule="Host(`example.com`)"
答案 0 :(得分:1)
这在github帖子-https://github.com/containous/traefik/issues/6782
中得到了回答这是由于cloudflare最近删除了对.tk .ml的支持以及其他一些顶级域名(TLD)使用其apis