文章/答案/技术大牛

发布

社区首页 >问答首页 >用Cloudflare设置Traefik

问用Cloudflare设置Traefik
EN

Stack Overflow用户

提问于 2019-05-21 09:23:37

回答 1查看 9.5K关注 0票数 6

我正在尝试使用这个指南的组合来设置traefik，代码找到了这里。

我在Unraid中使用docker-compose，到目前为止，我有以下代码：

traefik.toml

debug = false

logLevel = "ERROR"
defaultEntryPoints = ["https","http"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
  [entryPoints.https.tls]

[retry]

[acme]
email = "user@domain.com"
storage = "acme.json"
entryPoint = "https"
#OnHostRule = true
#onDemand = true
[acme.dnsChallenge]
  provider = "cloudflare"
[[acme.domains]]
   main = "domain.name"
[[acme.domains]]
   main = "*.domain.name"

docker-compose.yml

services:

  traefik:
    image: traefik:latest
    command: --web --docker --docker.watch --docker.domain=${DOMAIN} \
             --docker.exposedbydefault=false --acme.domains=${DOMAIN}
    container_name: traefik
    hostname: traefik
    networks:
      br0:
        ipv4_address: 192.168.1.253
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ${CONFIG}/traefik/acme.json:/acme.json
      - ${CONFIG}/traefik/traefik.toml:/etc/traefik/traefik.toml
      - ${CONFIG}/traefik/.htpasswd:/etc/traefik/.htpasswd:ro
    environment:
      - CF_API_EMAIL=user@domain.com
      - CF_API_KEY=XXXXXXXXXXXXXXXXXXXXXXXXXX
    labels:
      traefik.enable: "true"
      traefik.frontend.rule: "Host:monitor.${DOMAIN}"
      traefik.port: "8080"
      traefik.frontend.auth.basic: "${HTPASSWD}"
      com.ouroboros.enable: "true"
    restart: unless-stopped

  ouroboros:
    image: pyouroboros/ouroboros
    container_name: ouroboros
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - PGID
      - PUID
      - TZ
      - CLEANUP=true
      - INTERVAL=86400  # 24hrs
      - SELF_UPDATE=true
      - LABELS_ONLY=true
    restart: unless-stopped

  plex:
    image: linuxserver/plex
    container_name: plex
    hostname: plex
    networks:
      br0:
        ipv4_address: 192.168.1.252
    volumes:
      - ${CONFIG}/plex:/config
      - ${DATA}/TV:/media/tv
      - ${DATA}/Movies:/media/movies
      - ${DATA}/Music:/media/music
      - ${DATA}/Anime:/media/anime
    environment:
      - PGID
      - PUID
      - TZ
      - VERSION=latest
    labels:
      traefik.enable: "true"
      traefik.port: "32400"
      traefik.frontend.rule: "Host:plex.${DOMAIN}"
      com.ouroboros.enable: "true"
    restart: unless-stopped

  plexpy:
    image: linuxserver/tautulli:latest
    container_name: tautulli
    hostname: tautulli
    networks:
      br0:
        ipv4_address: 192.168.1.251
    volumes:
      - ${CONFIG}/plexpy:/config
      - ${CONFIG}/plex/Library/Application Support/Plex Media Server/Logs:/logs:ro
    environment:
      - PGID
      - PUID
      - TZ
    labels:
      traefik.enable: "true"
      traefik.port: "8181"
      traefik.frontend.rule: "Host:tautulli.${DOMAIN}"
      traefik.frontend.auth.basic: "${HTPASSWD}"
      com.ouroboros.enable: "true"
    restart: unless-stopped

  heimdall:
    image: duhio/heimdall-https:latest
    container_name: heimdall
    hostname: heimdall
    networks:
      br0:
        ipv4_address: 192.168.1.250
    volumes:
      - ${CONFIG}/heimdall:/config
    environment:
      - PGID
      - PUID
      - TZ
    labels:
      traefik.enable: "true"
      traefik.port: "80"
      traefik.frontend.rule: "Host:${DOMAIN}"
      traefik.frontend.auth.basic: "${HTPASSWD}"
      com.ouroboros.enable: "true"
    restart: unless-stopped

  ombi:
    image: linuxserver/ombi
    container_name: ombi
    hostname: ombi
    networks:
      br0:
        ipv4_address: 192.168.1.249
    volumes:
      - ${CONFIG}/ombi:/config
    environment:
      - PGID
      - PUID
      - TZ
    labels:
      traefik.enable: "true"
      traefik.port: "3579"
      traefik.frontend.rule: "Host:ombi.${DOMAIN}"
      com.ouroboros.enable: "true"
    restart: unless-stopped

# br0 is an existing Unraid macvlan
networks:
  br0:
    external: true

当我使用OnHostRule = true时，我可以让plex.domain.name使用https，但是没有其他的子域。

更新:我已经得出结论，问题是通配符域不起作用，在与审校员交谈后，他不确定在docker-compose.yml中手动使用静态IP指定网络时通配符是否有效，到目前为止，我还无法确认这一点。

深入研究，我认为这可能是Cloudflare级别、源这里和report 这里的一个问题。

ssl

docker-compose

reverse-proxy

traefik

docker

回答 1

Stack Overflow用户

发布于 2019-05-26 12:40:27

编辑:对于Traefik 2.0及更高版本，此配置现已过时

我有通配符和Cloudflare一起工作。这是我的配置：

traefik.toml文件的一部分

[acme]
  acmeLogging = true
  email = "me@email.com"
  storage = "/acme.json"
  onHostRule = true
  entryPoint = "https"
  [acme.dnsChallenge]
    provider = "cloudflare"

  [[acme.domains]]
    main = "sub.domain.com"
  [[acme.domains]]
    main = "*.sub.domain.com"

然后在启动traefik服务的traefik文件中，指定一个env文件：

env_file: ./traefik.env

在这个文件中，我有以下环境变量：

CLOUDFLARE_EMAIL=value1
CLOUDFLARE_API_KEY=value2
CF_API_EMAIL=value1
CF_API_KEY=value2

我希望从我的例子中，你将有一些实验，并找到成功！

我强烈建议在您的debug=true文件中添加traefik.toml，因为它将显示日志，这些日志指示cloudflare设置是否成功以及哪个域。

票数 2

页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持

原文链接：

https://stackoverflow.com/questions/56235169

复制

相似问题

问用Cloudflare设置Traefik
EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问用Cloudflare设置TraefikEN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问用Cloudflare设置Traefik
EN