Трафик Intel NUC Lan

Я пытаюсь использовать Traefik в качестве шлюза на моем Intel NUC в моей домашней сети.

Когда я перехожу к https://nuc.local/traefik, я получаю 404 от Traefik вместо панели управления.

Это логи из док-контейнера traefik:

time="2021-01-21T11:45:12+01:00" level=debug msg="Loading ACME certificates [nuc.local]..." providerName=http.acme routerName=traefik-secure rule="Host(`nuc.local`) && PathPrefix(`/traefik`)"
time="2021-01-21T11:45:12+01:00" level=debug msg="Building ACME client..." providerName=http.acme
time="2021-01-21T11:45:12+01:00" level=debug msg="https://acme-v02.api.letsencrypt.org/directory" providerName=http.acme
time="2021-01-21T11:45:13+01:00" level=debug msg="Using HTTP Challenge provider." providerName=http.acme
time="2021-01-21T11:45:13+01:00" level=debug msg="legolog: [INFO] [nuc.local] acme: Obtaining bundled SAN certificate"
time="2021-01-21T11:45:13+01:00" level=error msg="Unable to obtain ACME certificate for domains \"nuc.local\": unable to generate a certificate for the domains [nuc.local]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"nuc.local\": Domain name does not end with a valid public suffix (TLD), url: " providerName=http.acme routerName=traefik-secure rule="Host(`nuc.local`) && PathPrefix(`/traefik`)"

Мой traefik docker-compose:

version: '3'

services:
  traefik:
    image: traefik:v2.0
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./data/traefik.yml:/traefik.yml:ro
      - ./data/acme.json:/acme.json
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`nuc.local`) && PathPrefix(`/traefik`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=theo:$$apr1$$7s2uclNV$$FskVZNAeCWKJXRbWRhlL90"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`nuc.local`) && PathPrefix(`/traefik`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=http"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    external: true

Мой traefik.yml:

api:
  dashboard: true

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"

log:
  level: "DEBUG"    

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false

certificatesResolvers:
  http:
    acme:
      email: [email protected]
      storage: acme.json
      httpChallenge:
        entryPoint: http

Я не знаю, как это исправить. Заранее спасибо.


traefik
person theo    schedule 21.01.2021    source источник

Ответы (1)


arrow_upward
0
arrow_downward

Я бы добавил еще одну точку входа для траэфик. Например, в вашем traefik.yml попробуйте следующее:

api:
  dashboard: true
  entryPoint = "api"

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"
  api:
    address: ":8080"

Убедитесь, что порт 8080 открыт в контейнере докера:

ports:
  - 80:80
  - 443:443
  - 8080:8080

Затем перейдите по адресу ‹nuc-ip-address›: 8080 в своем браузере.

person jared    schedule 21.01.2021