作为一个完整的 Traefik 2 初学者,我已经尝试了一个多星期让我的 docker 容器与 Traefik 2 一起工作,但我现在正在兜圈子。 我学习了几十个教程,但它们都朝着不同的方向发展。
我找到了一个似乎是最简单的,最后我有一个 Compose 脚本可以与我的 Organizr 容器 (https://organizr.domain.com) 一起使用,但是当我添加 Portainer< /strong> (https://portainer.domain.com),任何浏览器请求都只显示“未找到”(不是 404 错误),我在 Traefik 日志中看不到任何明显的错误报告。身份验证似乎也有效,因为 acme.json 包含相同的 Organizr、Portainer 和 Traefik 证书。
顺便说一句:我必须使用通过 CNAME 记录定义的子域,因为我使用的是 Namecheap 并且不能使用通配符。
我的撰写脚本:
version: "3"
networks:
web:
external: true
default:
driver: bridge
services:
traefik:
container_name: traefik
image: traefik:2.3
command: --log.level=DEBUG
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${DOCKERDIR}/traefik_3:/etc/traefik
networks:
- web
- default
ports:
- "80:80"
- "443:443"
restart: unless-stopped
organizr:
container_name: organizr
image: organizr/organizr
restart: unless-stopped
networks:
- web
volumes:
- ${DOCKERDIR}/organizr:/config
environment:
- fpm=true
- branch=v2-master
labels:
- "traefik.enable=true"
- "traefik.http.routers.organizr-rtr.entrypoints=websecure"
- "traefik.http.routers.organizr-rtr.rule=Host(`organizr.$DOMAINNAME`)"
- "traefik.http.routers.organizr-rtr.tls=true"
- "traefik.http.routers.organizr-rtr.tls.certresolver=lets-encrypt"
portainer:
container_name: portainer
image: portainer/portainer-ce:latest
restart: unless-stopped
command: -H unix:///var/run/docker.sock
networks:
- web
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${DOCKERDIR}/portainer/data:/data
- ${DOCKERDIR}/shared:/shared
labels:
- "traefik.enable=true"
- "traefik.http.routers.portainer-rtr.entrypoints=websecure"
- "traefik.http.routers.portainer-rtr.rule=Host(`portainer.$DOMAINNAME`)"
- "traefik.http.routers.portainer-rtr.tls=true"
- "traefik.http.routers.portainer-rtr.tls.certresolver=lets-encrypt"
- "traefik.port=9000"
traefik.toml:
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web.http.redirections.entryPoint]
to = "websecure"
scheme = "https"
[entryPoints.websecure]
address = ":443"
[log]
level = "DEBUG"
[api]
dashboard = true
[certificatesResolvers.lets-encrypt.acme]
email = "my-email-address"
storage = "/etc/traefik/acme.json"
[certificatesResolvers.lets-encrypt.acme.tlsChallenge]
[providers]
[providers.docker]
watch = true
network = "web"
[providers.file]
filename = "/etc/traefik/dynamic_3.toml"
以及我在 dynamic_3.toml
中的动态定义[http.middlewares.simpleAuth.basicAuth]
users = [
"user:$........htpasswd......."
]
[http.routers.api]
rule = "Host(`monitor.domain.com`)"
entrypoints = ["websecure"]
middlewares = ["simpleAuth"]
service = "api@internal"
[http.routers.api.tls]
certResolver = "lets-encrypt"