Docker Matrix (Synapse) home server with Traefik and Let's Encrypt
I would really like to get a Matrix server (Synapse) running, using Traefik for Let's Encrypt. I also think it would be worthwhile to have a complete example that actually exists on the web as of mid-2020 :-), to make it easier for others to set this up.
Unfortunately, I have spent desperate days on this topic. If anyone can help, I would be very grateful.
What I want to do (one Docker container per bullet point):
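- Traefik (as a reverse proxy, so that individual services are not exposed directly on external ports; for handling Let's Encrypt)
- Synapse (as the first target of the installation, to get the basic service running; if possible, as a Docker combination with an SQL server)
- Later: Riot as a local installation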
Directory structure for Traefik:

```
matrix.myhost.de:/var/docker_data/traefik# ls -l
-rw-r--r-- 1 root root 0 Jun 11 18:26 acme.json
-rw-r--r-- 1 root root 1552 Jun 13 13:24 docker-compose.yml
-rw-r--r-- 1 root root 563 Jun 13 13:22 traefik.toml
```
Docker Compose for Traefik:

```
matrix.myhost.de:/var/docker_data/traefik# cat docker-compose.yml
version: '3'
services:
  traefik:
    image: traefik:latest
    container_name: traefik
    ports:
      - "80:80"
      - "8080:8080"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/docker_data/traefik:/etc/traefik
    labels:
      - traefik.frontend.rule=Host:traefik.myhost.de
      - traefik.frontend.entryPoints=https
      - traefik.port=8080
      - traefik.frontend.auth.basic=admin:somePW
      - traefik.backend=traefik
```
Configuration for Traefik:

```
matrix.myhost.de:/var/docker_data/traefik# cat traefik.toml
logLevel = "DEBUG"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint="https"
[entryPoints.https]
address = ":443"
# [entryPoints.https.tls]
[api]
dashboard = true
insecure = true
[certificateResolvers.http.acme]
email = "post@myaddress.de"
storage = "/etc/traefik/acme.json"
entryPoint = "http"
onHostRule = true
acmeLogging =true
[acme.httpChallenge]
entryPoint = "http"
[providers.docker]
endpoint = "unix:///var/run/docker.sock"
exposedByDefault = false
```
Docker Compose for Synapse:

```
matrix.myhost.de:/var/docker_data/matrix# cat docker-compose.yml
version: '3.3'
services:
  app:
    image: matrixdotorg/synapse
    restart: always
    volumes:
      - /var/docker_data/matrix:/data
    labels:
      - "traefik.frontend.entryPoints=http,https"
      - "traefik.port=8008"
      - "traefik.backend=matrix"
      - "traefik.frontend.rule=Host:matrix.myhost.de"
    container_name: matrix
```
DNS:
matrix.myhost.de and traefik.myhost.de point to the IP address of my server. For matrix there is an additional SRV entry (which I hope is correct?)
What I expect:
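After "docker compose up" in the matrix and traefik directories, Traefik automatically registers the sites with Let's Encrypt, I see some web page at traefik.myhost.de / matrix.myhost.de, and I am able to configure things.
What happens: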
After "docker compose up" in the matrix and traefik directories, I do not get any error messages from either of them.
But:
Does anybody have their 2 cents?

It looks like you are using the configuration syntax of Traefik v1.7, which does not work on the traefik:latest image.
The Host header rule for v2 looks like this:

```
traefik.http.routers.routername.rule=Host(`example.com`)
```

Also, do not use:

```
[api]
insecure = true
```

for anything that is publicly available.