I'm trying to use Traefik to HTTPS Reverse proxy an application called Home Assistant. A webbrowser produces an error response. The Traefik log reports:
time="2020-03-24T21:23:24Z" level=error msg="Could not remove watcher for /config/: can't remove non-existent inotify watch for: /config/.app-hassio.toml.swp" providerName=file,
time="2020-03-24T21:23:29Z" level=error msg="Could not remove watcher for /config/: can't remove non-existent inotify watch for: /config/.app-hassio.toml.swp" providerName=file,
time="2020-03-24T21:23:38Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60034: remote error: tls: unknown certificate",
time="2020-03-24T21:23:38Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60035: remote error: tls: unknown certificate",
time="2020-03-24T21:23:38Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60036: remote error: tls: unknown certificate",
time="2020-03-24T21:23:39Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60040: remote error: tls: unknown certificate",
time="2020-03-24T21:24:03Z" level=error msg="Could not remove watcher for /config/: can't remove non-existent inotify watch for: /config/.app-hassio.toml.swp" providerName=file,
time="2020-03-24T21:24:08Z" level=error msg="Could not remove watcher for /config/: can't remove non-existent inotify watch for: /config/.app-hassio.toml.swp" providerName=file,
time="2020-03-24T21:24:48Z" level=error msg="Could not remove watcher for /config/: can't remove non-existent inotify watch for: /config/.app-hassio.toml.swp" providerName=file,
time="2020-03-24T21:24:51Z" level=error msg="Could not remove watcher for /config/: can't remove non-existent inotify watch for: /config/.app-hassio.toml.swp" providerName=file,
time="2020-03-24T21:25:48Z" level=debug msg="http: TLS handshake error from 209.212.41.20:13711: remote error: tls: unknown certificate",
time="2020-03-24T21:25:48Z" level=debug msg="http: TLS handshake error from 209.212.41.20:45250: remote error: tls: unknown certificate",
time="2020-03-24T21:25:53Z" level=debug msg="http: TLS handshake error from 209.212.41.20:34109: remote error: tls: unknown certificate",
time="2020-03-24T21:26:30Z" level=error msg="accept tcp [::]:80: use of closed network connection" entryPointName=web,
time="2020-03-24T21:26:30Z" level=error msg="close tcp [::]:80: use of closed network connection" entryPointName=web,
time="2020-03-24T21:26:30Z" level=error msg="accept tcp [::]:443: use of closed network connection" entryPointName=websecure,
time="2020-03-24T21:26:30Z" level=debug msg="http: TLS handshake error from 10.101.1.2:59671: read tcp 192.168.16.2:443->10.101.1.2:59671: use of closed network connection",
time="2020-03-24T21:26:30Z" level=error msg="accept tcp [::]:8080: use of closed network connection" entryPointName=traefik,
time="2020-03-24T21:26:30Z" level=error msg="close tcp [::]:8080: use of closed network connection" entryPointName=traefik,
time="2020-03-24T21:26:30Z" level=error msg="close tcp [::]:443: use of closed network connection" entryPointName=websecure,
time="2020-03-24T21:27:02Z" level=debug msg="http: TLS handshake error from 184.61.140.226:25408: remote error: tls: unknown certificate",
time="2020-03-24T21:29:46Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60195: remote error: tls: unknown certificate",
time="2020-03-24T21:29:46Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60196: remote error: tls: unknown certificate",
time="2020-03-24T21:29:47Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60197: remote error: tls: unknown certificate",
time="2020-03-24T21:29:47Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60198: remote error: tls: unknown certificate",
time="2020-03-24T21:29:47Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60199: remote error: tls: unknown certificate",
time="2020-03-24T21:29:48Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60200: remote error: tls: unknown certificate",
time="2020-03-24T21:29:51Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60202: remote error: tls: unknown certificate",
time="2020-03-24T21:29:51Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60201: remote error: tls: unknown certificate",
time="2020-03-24T21:29:52Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60203: remote error: tls: unknown certificate",
time="2020-03-24T21:30:02Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60204: remote error: tls: unknown certificate",
time="2020-03-24T21:30:02Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60205: remote error: tls: unknown certificate",
time="2020-03-24T21:30:03Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60206: remote error: tls: unknown certificate",
time="2020-03-24T21:30:12Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60208: remote error: tls: unknown certificate",
time="2020-03-24T21:30:12Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60207: remote error: tls: unknown certificate",
time="2020-03-24T21:30:17Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60209: remote error: tls: unknown certificate",
time="2020-03-24T21:30:37Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60214: remote error: tls: unknown certificate",
time="2020-03-24T21:30:37Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60213: remote error: tls: unknown certificate",
time="2020-03-24T21:30:42Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60215: remote error: tls: unknown certificate",
time="2020-03-24T21:31:11Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60260: remote error: tls: unknown certificate",
time="2020-03-24T21:31:11Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60261: remote error: tls: unknown certificate",
time="2020-03-24T21:31:12Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60262: remote error: tls: unknown certificate",
time="2020-03-24T21:32:03Z" level=debug msg="http: TLS handshake error from 10.101.1.2:60267: remote error: tls: unknown certificate",
time="2020-03-24T21:33:43Z" level=error msg="accept tcp [::]:80: use of closed network connection" entryPointName=web,
time="2020-03-24T21:33:43Z" level=error msg="accept tcp [::]:443: use of closed network connection" entryPointName=websecure,
time="2020-03-24T21:33:43Z" level=error msg="close tcp [::]:80: use of closed network connection" entryPointName=web,
time="2020-03-24T21:33:43Z" level=error msg="close tcp [::]:8080: use of closed network connection" entryPointName=traefik,
time="2020-03-24T21:33:43Z" level=error msg="close tcp [::]:443: use of closed network connection" entryPointName=websecure,
time="2020-03-24T21:33:43Z" level=error msg="accept tcp [::]:8080: use of closed network connection" entryPointName=traefik,
time="2020-03-24T21:33:44Z" level=error msg="Cannot connect to docker server context canceled" providerName=docker
I'm not sure why this happening, I am hoping someone could shed some light. Here is what I think is the relevant config info:
Traefik v2 Docker Compose:
version: '2'
services:
traefik:
image: "traefik:v2.1.8"
container_name: "traefikv2"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myhttpchallenge.acme.email=********"
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
#- "--providers.file.filename=/data1/services/traefikv2/dynamic_conf.toml"
- "--providers.file.directory=/config/"
- "--providers.file.watch=true"
networks:
- web
ports:
- "80:80"
- "443:443"
- "8082:8080"
volumes:
- "/data1/services/traefikv2/letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "/data1/services/traefikv2/config:/config/"
whoami:
image: "containous/whoami"
container_name: "simple-service"
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`whoami.warllo.org`)"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.tls.certresolver=myhttpchallenge"
networks:
web:
app-hassio.toml
[http.routers]
[http.routers.hassio-rtr]
entryPoints = ["web"]
rule = "Host(`hassio.warllo.org`)"
service = "hassio-svc"
[http.services]
[http.services.hassio-svc]
[http.services.hassio-svc.loadBalancer]
passHostHeader = true
[[http.services.hassio-svc.loadBalancer.servers]]
url = "http://192.168.2.9:8124"