[英]Traefik with docker-compose, LetsEncrypt, and multiple domains
我試圖通過使用traefik作為反向代理的docker docker-compose
來運行鬼影像。
我有兩個域, sub.foo.com
和bar.com
。 在調用sub.foo.com:2386
docker-compose up -d
之后,可以通過sub.foo.com:2386
訪問容器,但不能訪問bar.com
。 我知道沒有必要在ghost.service
使用ports
選項,但是要在那里證明容器出現了。
這是我的配置:
traefik.toml
debug = false
logLevel = "ERROR"
defaultEntryPoints = ["https","http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "sub.foo.com"
watch = true
exposedbydefault = false
[acme]
email = "john.doe@example.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
泊塢窗,compose.yml
version: "3.3"
services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
networks:
- ghost
environment:
MYSQL_ROOT_PASSWORD: testing
MYSQL_DATABASE: ghost
MYSQL_USER: ghost
MYSQL_PASSWORD: ghost
ghost:
depends_on:
- db
image: ghost:2.1.2-alpine
ports:
- "2368:2368"
networks:
- traefik
- ghost
volumes:
- ghost_data:/var/lib/ghost/content
environment:
database__client: mysql
database__connection__host: db
database__connection__user: ghost
database__connection__password: ghost
database__connection__database: ghost
labels:
- "traefik.backend=ghost"
- "traefik.docker.network=traefik"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:bar.com"
- "traefik.port=2368"
- "traefik.protocol=http"
volumes:
db_data: {}
ghost_data: {}
networks:
ghost: {}
traefik:
external: true
我有什么想法我做錯了嗎? 我的DNS記錄在sub.foo.com
和bar.com
上sub.foo.com
相同的sub.foo.com
bar.com
。 當我導航到bar.com
我最終得到:
<!DOCTYPE html>
<html><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Access Denied</title>
<style type="text/css">body {margin:0;font-family:verdana,sans-serif;} h1 {margin:0;padding:12px 25px;background-color:#343434;color:#ddd} p {margin:12px 25px;} strong {color:#E0042D;}</style>
</head>
<body>
<h1>Access Denied</h1>
<p>
<strong>You are attempting to access a forbidden site.</strong><br/><br/>
Consult your system administrator for details.
</p>
</body>
</html>
這不是你的標准traefik錯誤。 是不是有約束力?
也許它被切斷但你的toml還需要以下內容:
...
[acme]
email = "john.doe@example.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[[acme.domains]]
main = "bar.com"
[acme.httpChallenge]
entryPoint = "http"
您的docker-compose可能缺少以下內容:
labels:
....
- "traefik.frontend.entryPoints=http,https"
然而,錯誤看起來像是treafik相關的不同之處。 treafik是否暴露在服務器上的端口80和443上?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.