我正在尝试使用traefik创建一个简单的应用程序来处理路由和SSL,但当我想使用'example.com'而不是'subdomain.example.com'时,我遇到了问题
如果我尝试使用仅仅是'example.com'的前端规则来包含服务,那么唯一有效的规则是'monitor.example.com' . 'api.example.com'将无效并返回404.如果我注释掉'example.com'的前端规则,那么'api.example.com'将再次运行 . 但是,无论如何,'monitor.example.com'都可以 . 此外,'example.com'总是返回404,无论如何 .
这是我的docker-compose文件:
version: '3'
services:
reverse-proxy:
image: traefik
restart: always
command: --docker
ports:
- 80:80
- 443:443
networks:
- web
labels:
- "traefik.frontend.rule=Host:monitor.example.com"
- "traefik.port=8080"
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.backend=traefik"
environment:
- CLOUDFLARE_EMAIL=###
- CLOUDFLARE_API_KEY=###
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /home/project/traefik/traefik.toml:/traefik.toml
- /home/project/traefik/acme.json:/acme.json
container_name: traefik
api:
image: api
expose:
- 5080
restart: always
networks:
- web
container_name: api
labels:
- "traefik.frontend.rule=Host:api.example.com"
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.port=5080"
- "traefik.backend=api"
app:
image: app
restart: always
networks:
- web
container_name: app
labels:
- "traefik.frontend.rule=Host:example.com"
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.backend=app"
- "traefik.port=80"
networks:
web:
external: true
这是我的traefik配置:
defaultEntryPoints = ["https", "http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[entryPoints.trdash]
address = ":8080"
[entryPoints.trdash.auth]
[entryPoints.trdash.auth.basic]
users = [
"admin:###",
]
[api]
entryPoint = "trdash"
[acme]
email = "###"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
onDemand = false
[[acme.domains]]
main = "example.com"
[[acme.domains]]
main = "*.example.com"
[acme.dnsChallenge]
provider = "cloudflare"
任何帮助将不胜感激,谢谢!
编辑:好的,我似乎通过禁用我在Cloudflare上使用的域上的“橙色 Cloud ”解决了我自己的问题 . 另外,我必须将我的http删除到traefik.toml文件中的https重定向规则 . 我不明白为什么这是一个问题,所以我要打开这个问题 . 这似乎否定了Cloudflare提供的大部分 Value .
1 回答
事实证明,问题是启用Cloudflare代理(橙色 Cloud )而不启用后端SSL . 只要我在服务器上有SSL证书(我通过Let's Encrypt进行)我就可以将Cloudflare SSL变为'Full(严格)',看起来路由工作正常 .
感谢Traefik Slack的Daniel Tomcej帮我找到了这个答案 .