Docker compose 如何重新发行let';s在docker上为Trafik添加新子域/多个域时进行加密,并配置重构 我之前添加额外域的努力只是为了 码头工人放下 删除acme.json文件 在traefik.toml中为新域添加另一节 docker compose up-d 生成了新的acme.json
现在问题是我尝试了同样的程序但失败了, json文件,如果我删除该文件并执行docker compose down和docker compose up-d,它将被创建为一个目录 另外,我想添加新的子域,由于某些原因,证书中只有www可用。有人能检查一下我的配置,看看我哪里出错了吗 删除域的当前证书并重新颁发具有其他子域的新证书的好方法是什么Docker compose 如何重新发行let';s在docker上为Trafik添加新子域/多个域时进行加密,并配置重构 我之前添加额外域的努力只是为了 码头工人放下 删除acme.json文件 在traefik.toml中为新域添加另一节 docker compose up-d 生成了新的acme.json,docker-compose,refactoring,lets-encrypt,traefik,code-readability,Docker Compose,Refactoring,Lets Encrypt,Traefik,Code Readability,现在问题是我尝试了同样的程序但失败了, json文件,如果我删除该文件并执行docker compose down和docker compose up-d,它将被创建为一个目录 另外,我想添加新的子域,由于某些原因,证书中只有www可用。有人能检查一下我的配置,看看我哪里出错了吗 删除域的当前证书并重新颁发具有其他子域的新证书的好方法是什么 在这里,如何重构自己的配置文件中的traefik.frontend.rule=PathPrefix标签,因为它们很难维护 在docker composer基
traefik.frontend.rule=PathPrefix
标签,因为它们很难维护debug = false
logLevel = "ERROR"
defaultEntryPoints = ["https","http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[docker]
domain = 'mydomain.mk'
exposedByDefault = false
[acme]
email = "info@mydomain.mk"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[[acme.domains]]
main = "*.mydomain.mk"
sans = ["mydomain.mk", "www.mydomain.mk", "api.mydomain.mk", "beta.mydomain.mk"]
[[acme.domains]]
main = "*.mydomain.de"
sans = ["mydomain.de", "www.mydomain.de", "api.mydomain.de", "beta.mydomain.de"]
{
"Account": {
"Email": "info@mydomain.mk",
"Registration": {
"body": {
"status": "valid",
"contact": [
"mailto:info@mydomain.mk"
]
},
"uri": "https://acme-v02.api.letsencrypt.org/acme/acct/50006191"
},
"PrivateKey": "base64 excerpt...",
"KeyType": "4096"
},
"Certificates": [
{
"Domain": {
"Main": "mydomain.mk",
"SANs": [
"www.mydomain.mk"
]
},
"Certificate": "base64 excerpt...",
"Key": "base64 excerpt...
},
{
"Domain": {
"Main": "mydomain.de",
"SANs": [
"www.mydomain.de"
]
},
"Certificate": "base64 excerpt...",
"Key": "base64 excerpt..."
}
],
"HTTPChallenges": {},
"TLSChallenges": null
}
version: '3.1'
services:
traefik:
image: traefik
command:
--accessLog.filePath="/logs/access.log" \
--acme.storage=/acme.json --logLevel=debug \
${TRAEFIK_ENTRYPOINT_HTTP} ${TRAEFIK_ENTRYPOINT_HTTPS} \
--defaultentrypoints=${TRAEFIK_DEFAULT_ENTRYPOINTS} \
--acme=${ACME_ENABLE} --acme.entrypoint=https --acme.httpchallenge --acme.httpchallenge.entrypoint=http \
--acme.domains="${ACME_DOMAINS}" --acme.email="${ACME_EMAIL}" \
--docker --docker.domain="${DOCKER_DOMAIN}" --docker.endpoint="unix:///var/run/docker.sock" \
--docker.watch=true --docker.exposedbydefault="true"
ports:
- "${EDGE_PORT:-80:80}" # The HTTP port
- "${EDGES_PORT:-443:443}" # The HTTPS port
volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
- ./traefik/traefik.toml:/traefik.toml
- ./traefik/acme.json:/acme.json
- router-logs:/logs
labels:
- "traefik.frontend.headers.allowedHosts=www.mydomain.mk,mydomain.mk,www.mydomain.de,mydomain.de,${ADDITIONAL_HOSTS}"
- "traefik.frontend.headers.browserXSSFilter=true"
restart: on-failure
service1:
image: '${DOCKER_REGISTRY:-mydomain.mk:5000/}${SERVICE1_IMG:-service1:latest}'
labels:
- "traefik.port=80"
- "traefik.frontend.entryPoints=https,http"
- "traefik.frontend.rule=PathPrefix:/v/,/v/dashboard,/v/dashboard/"
- "traefik.frontend.rule=PathPrefixStrip:/v/,/v/dashboard,/v/dashboard/"
- "traefik.frontend.headers.allowedHosts=www.mydomain.mk,mydomain.mk,www.mydomain.de,mydomain.de,${ADDITIONAL_HOSTS}"
- "traefik.frontend.headers.browserXSSFilter=true"
EDGE_PORT=80:80
EDGES_PORT=443:443
# This will allow local development or new domains
# ADDITIONAL_HOSTS=
# ACME
ACME_ENABLE=true
ACME_EMAIL=info@mydomain.mk
ACME_DOMAINS=mydomain.mk,www.mydomain.mk,mydomain.de,www.mydomain.de
DOCKER_DOMAIN=mydomain.mk
TRAEFIK_DEFAULT_ENTRYPOINTS=http
TRAEFIK_ENTRYPOINT_HTTP=--entryPoints="Name:http Address::80"
TRAEFIK_ENTRYPOINT_HTTPS=--entryPoints="Name:https Address::443 TLS"
TRAEFIK_HOST=mydomain.mk,www.mydomain.mk,mydomain.de,www.mydomain.de