Please help, I am loosing my mind over ssl

Traefik Traefik v1
21

Note that a wildcard certificate:

*.grillgeek.se

does NOT match

traefik.docker.grillgeek.se :wink:

1 Like
22

Oh I do know that. :slight_smile:

I have named the dashboard to dash and that is added everywhere in the traefik.toml so how this is put together is beyond me.

23

you are using onHostRule=true and you have set domain = "grillgeek.se", then the Traefik container it-self have a generated rule: Host:traefik.docker.grillgeek.se

1 Like
24

That is a line from some guide I have read today... remove?
It can not be used for wildcard domains... say what? Ok it is gone.

25

@Idez ssshhh but it is working now... at least for my main domain... no warnings, log is empty.
THANK YOU! :heart_eyes:

I will help others after this struggle of mine, learnt some of what Traefik is. :slight_smile:

We will see what happens when I add the next subdomain... and the next...
First up is Nextcloud, then Plex...

1 Like
26

I will give you some tips to debug Traefik:

  • with the log level DEBUG, try to find Global configuration loaded, this line contains your static configuration in a JSON format. (the auth and certificates information are removed)
  • try to find lines with level=error, they contains important information about problems
  • with the log level DEBUG, try to find Configuration received from provider docker:, this line contains the effective configuration built by Traefik for your containers.

I can see you :wink: https://grillgeek.se/

1 Like
27

I am so grateful for sticking with me, I hope that I haven't sounded to stupid... :slight_smile:
I have learnt a lot today. And I will read up on how to add subdomains now - before I do it and mess everything up again.

28

The dashboard is available on localhost:8080

if you want to add a domain on it:

version: '3.7'
services:

    traefik:
        image: traefik:v1.7.13
        container_name: traefik
        restart: always
        networks:
            - web
        ports:
            - 80:80
            - 443:443
            - 8080:8080
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock:ro
            - /home/ladmin/docker/traefik/traefik.toml:/traefik.toml
            - /home/ladmin/docker/traefik/acme.json:/acme.json
        environment:
            - CF_API_EMAIL=${CLOUDFLARE_EMAIL}
            - CF_API_KEY=${CLOUDFLARE_API_KEY}
        labels:
          - 'traefik.port=8080'
          - 'traefik.docker.network=web'
          - 'traefik.enable=true'
          - 'traefik.frontend.rule=Host:admin.docker.localhost'
29

Yeah I found it. grillgeek.se:8000 as well. Password protected. Phew.

30

Added that labels part, and changed the last line to:

  • 'traefik.frontend.rule=Host:dash.localhost, dash.${DOMAINNAME}'