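Docker Compose: How to re-issue Let's Encrypt certificates when adding a new subdomain / multiple domains for Traefik on Docker, and config refactoring

My previous efforts to add additional domains were just:

  • docker-compose down
  • delete the acme.json file
  • add another section for the new domain in traefik.toml
  • docker-compose up -d
  • a new acme.json was generated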


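Now the problem is that I tried the same procedure but it failed: if I delete the acme.json file and run docker-compose down and docker-compose up -d, it is created as a directory.

Also, I want to add new subdomains, and for some reason only www is available in the certificate. Can someone check my configuration and see where I went wrong?

What is a good way to delete the current certificates for the domains and re-issue new ones that include the additional subdomains?

  • How can I refactor the
    traefik.frontend.rule=PathPrefix
    labels into their own config file, since they are hard to maintain here?
  • In the docker-compose base directory I have a directory called traefik/ for the service of the same name, which uses the Traefik Docker image.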

    File contents, in order: traefik.toml, acme.json, docker-compose.yml, .env

    traefik.toml:

    debug = false
    
    logLevel = "ERROR"
    defaultEntryPoints = ["https","http"]
    
    [entryPoints]
      [entryPoints.http]
      address = ":80"
        [entryPoints.http.redirect]
        entryPoint = "https"
      [entryPoints.https]
      address = ":443"
      [entryPoints.https.tls]
    
    [docker]
    domain = 'mydomain.mk'
    exposedByDefault = false
    
    [acme]
    email = "info@mydomain.mk"
    storage = "acme.json"
    entryPoint = "https"
    onHostRule = true
    
    [acme.httpChallenge]
    entryPoint = "http"
    
    [[acme.domains]]
    main = "*.mydomain.mk"
    sans = ["mydomain.mk", "www.mydomain.mk", "api.mydomain.mk", "beta.mydomain.mk"]
    
    
    [[acme.domains]]
    main = "*.mydomain.de"
    sans = ["mydomain.de", "www.mydomain.de", "api.mydomain.de", "beta.mydomain.de"]

    acme.json:

        {
          "Account": {
            "Email": "info@mydomain.mk",
            "Registration": {
              "body": {
                "status": "valid",
                "contact": [
                  "mailto:info@mydomain.mk"
                ]
              },
              "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/50006191"
            },
            "PrivateKey": "base64 excerpt...",
            "KeyType": "4096"
          },
          "Certificates": [
            {
              "Domain": {
                "Main": "mydomain.mk",
                "SANs": [
                  "www.mydomain.mk"
                ]
              },
              "Certificate": "base64 excerpt...",
              "Key": "base64 excerpt..."
            },
            {
              "Domain": {
                "Main": "mydomain.de",
                "SANs": [
                  "www.mydomain.de"
                ]
              },
              "Certificate": "base64 excerpt...",
              "Key": "base64 excerpt..."
            }
          ],
          "HTTPChallenges": {},
          "TLSChallenges": null
        }

    docker-compose.yml:

    version: '3.1'
    services:
      traefik:
        image: traefik
        command:
            --accessLog.filePath="/logs/access.log" \
            --acme.storage=/acme.json --logLevel=debug \
            ${TRAEFIK_ENTRYPOINT_HTTP} ${TRAEFIK_ENTRYPOINT_HTTPS} \
            --defaultentrypoints=${TRAEFIK_DEFAULT_ENTRYPOINTS} \
            --acme=${ACME_ENABLE} --acme.entrypoint=https --acme.httpchallenge --acme.httpchallenge.entrypoint=http \
            --acme.domains="${ACME_DOMAINS}" --acme.email="${ACME_EMAIL}" \
            --docker --docker.domain="${DOCKER_DOMAIN}" --docker.endpoint="unix:///var/run/docker.sock" \
            --docker.watch=true --docker.exposedbydefault="true"
        ports:
          - "${EDGE_PORT:-80:80}"           # The HTTP port
          - "${EDGES_PORT:-443:443}"        # The HTTPS port
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock  # So that Traefik can listen to the Docker events
          - ./traefik/traefik.toml:/traefik.toml
          - ./traefik/acme.json:/acme.json
          - router-logs:/logs
        labels:
          - "traefik.frontend.headers.allowedHosts=www.mydomain.mk,mydomain.mk,www.mydomain.de,mydomain.de,${ADDITIONAL_HOSTS}"
          - "traefik.frontend.headers.browserXSSFilter=true"
    
        restart: on-failure
      service1:
          image: '${DOCKER_REGISTRY:-mydomain.mk:5000/}${SERVICE1_IMG:-service1:latest}'
          labels:
              - "traefik.port=80"
              - "traefik.frontend.entryPoints=https,http"
              - "traefik.frontend.rule=PathPrefix:/v/,/v/dashboard,/v/dashboard/"
              - "traefik.frontend.rule=PathPrefixStrip:/v/,/v/dashboard,/v/dashboard/"
              - "traefik.frontend.headers.allowedHosts=www.mydomain.mk,mydomain.mk,www.mydomain.de,mydomain.de,${ADDITIONAL_HOSTS}"
              - "traefik.frontend.headers.browserXSSFilter=true"

    .env:

    EDGE_PORT=80:80
    EDGES_PORT=443:443
    
    # This will allow local development or new domains
    # ADDITIONAL_HOSTS=
    
    # ACME
    ACME_ENABLE=true
    ACME_EMAIL=info@mydomain.mk
    ACME_DOMAINS=mydomain.mk,www.mydomain.mk,mydomain.de,www.mydomain.de
    
    DOCKER_DOMAIN=mydomain.mk
    
    TRAEFIK_DEFAULT_ENTRYPOINTS=http
    TRAEFIK_ENTRYPOINT_HTTP=--entryPoints="Name:http Address::80"
    TRAEFIK_ENTRYPOINT_HTTPS=--entryPoints="Name:https Address::443 TLS"
    TRAEFIK_HOST=mydomain.mk,www.mydomain.mk,mydomain.de,www.mydomain.de
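
A check for the two symptoms described in the question (acme.json turning into a directory, and only www appearing in the certificate), added here as an example and not part of the original post: it reads a store in the acme.json shape shown above and lists the wanted hostnames that no stored certificate covers. The sample store, the WANTED list and all function names are constructed for illustration.

```python
import json
import os
import stat

# Constructed sample in the acme.json shape shown above (key material omitted).
SAMPLE_STORE = {
    "Certificates": [
        {"Domain": {"Main": "mydomain.mk", "SANs": ["www.mydomain.mk"]}},
        {"Domain": {"Main": "mydomain.de", "SANs": ["www.mydomain.de"]}},
    ]
}
# Names the question wants served for the .mk domain.
WANTED = ["mydomain.mk", "www.mydomain.mk", "api.mydomain.mk", "beta.mydomain.mk"]

def load_store(path):
    """Parse an acme.json file, naming two failure modes explicitly."""
    if os.path.isdir(path):
        # Docker creates a directory when a bind-mounted source file is missing.
        raise IsADirectoryError(f"{path} is a directory, not a file")
    # The store holds private keys, so anything beyond owner access is rejected.
    if stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        raise PermissionError(f"{path} is accessible by group/other; use mode 600")
    with open(path) as fh:
        text = fh.read()
    return json.loads(text) if text.strip() else {"Certificates": []}

def covered_names(store):
    """Collect every name (Main plus SANs) held in the stored certificates."""
    names = set()
    for cert in store.get("Certificates") or []:
        domain = cert.get("Domain") or {}
        if domain.get("Main"):
            names.add(domain["Main"].lower())
        names.update(s.lower() for s in domain.get("SANs") or [])
    return names

def missing_names(wanted, store):
    """Return the wanted hostnames that no stored certificate covers."""
    names = covered_names(store)
    result = []
    for host in wanted:
        _, _, parent = host.lower().partition(".")
        # A wildcard entry covers exactly one extra label.
        if host.lower() not in names and f"*.{parent}" not in names:
            result.append(host)
    return result

if __name__ == "__main__":
    print(missing_names(WANTED, SAMPLE_STORE))
```

To avoid the directory symptom, create acme.json as an empty file with mode 600 on the host before running docker-compose up -d, then point load_store at it once certificates have been issued.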