Skip to content

Instantly share code, notes, and snippets.

@mazz

mazz/docker-compose.yml

Created January 18, 2020 01:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mazz/ca2e98728b0943532ba40530179c65f6 to your computer and use it in GitHub Desktop.
Save mazz/ca2e98728b0943532ba40530179c65f6 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
docker-compose.yml
version: '3.7'
services:
proxy:
image: traefik:v1.7
ports:
- 80:80
- 443:443
networks:
- proxy-network
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- proxy-certificates-storage:/certificates
command: >
--docker
--docker.watch
--docker.exposedbydefault=false
--constraints=tag==proxy-public
--entrypoints='Name:http Address::80'
--entrypoints='Name:https Address::443 TLS'
--acme
--acme.email=${EMAIL?Variable EMAIL not set}
--acme.storage="certificates/acme.json"
--acme.entryPoint=https
--acme.httpChallenge.entryPoint=http
--acme.onhostrule=true
--acme.acmelogging=true
--logLevel=INFO
--accessLog
--api
labels:
- traefik.frontend.rule=Host:proxy.${DOMAIN?Variable DOMAIN not set}
- traefik.enable=true
- traefik.port=8080
- traefik.tags=proxy-public
- traefik.docker.network=proxy-network
# Traefik service that listens to HTTP
- traefik.redirectorservice.frontend.entryPoints=http
- traefik.redirectorservice.frontend.redirect.entryPoint=https
# Traefik service that listens to HTTPS
- traefik.webservice.frontend.entryPoints=https
- traefik.frontend.auth.basic.users=${TKUSERNAME?Variable TKUSERNAME not set}:${HASHED_PASSWORD?Variable HASHED_PASSWORD not set}
@mazz
Copy link
Author

mazz commented Jan 18, 2020
edited 

proxy_1                   | time="2020-01-18T01:38:51Z" level=info msg="Traefik version v1.7.18 built on 2019-09-26_01:56:30PM"
proxy_1                   | time="2020-01-18T01:38:51Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/v1.7/basics/#collected-data\n"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Preparing server https &{Address::443 TLS:0xc00058e480 Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc00086b560} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Preparing server traefik &{Address::8080 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc00086b900} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Preparing server http &{Address::80 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc00086b420} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Starting provider configuration.ProviderAggregator {}"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Starting server on :443"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Starting server on :8080"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Starting server on :80"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Starting provider *docker.Provider {\"Watch\":true,\"Filename\":\"\",\"Constraints\":[\"tag==proxy-public\"],\"Trace\":false,\"TemplateVersion\":2,\"DebugLogGeneratedTemplate\":false,\"Endpoint\":\"unix:///var/run/docker.sock\",\"Domain\":\"\",\"TLS\":null,\"ExposedByDefault\":false,\"UseBindPortIP\":false,\"SwarmMode\":false,\"Network\":\"\",\"SwarmModeRefreshSeconds\":15}"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Starting provider *acme.Provider {\"Email\":\"faithfulaudiodev@gmail.com\",\"ACMELogging\":true,\"CAServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"Storage\":\"certificates/acme.json\",\"EntryPoint\":\"https\",\"KeyType\":\"\",\"OnHostRule\":true,\"OnDemand\":false,\"DNSChallenge\":null,\"HTTPChallenge\":{\"EntryPoint\":\"http\"},\"TLSChallenge\":null,\"Domains\":null,\"Store\":{}}"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Testing certificate renew..."
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Server configuration reloaded on :80"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Server configuration reloaded on :443"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Server configuration reloaded on :8080"

proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Server configuration reloaded on :80"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Server configuration reloaded on :443"
proxy_1                   | time="2020-01-18T01:38:52Z" level=info msg="Server configuration reloaded on :8080"
proxy_1                   | time="2020-01-18T01:38:53Z" level=info msg="legolog: [INFO] [proxy.japheth.ca] acme: Obtaining bundled SAN certificate"
proxy_1                   | time="2020-01-18T01:38:53Z" level=info msg="legolog: [INFO] [proxy.japheth.ca] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2341770421"
proxy_1                   | time="2020-01-18T01:38:53Z" level=info msg="legolog: [INFO] [proxy.japheth.ca] acme: Could not find solver for: tls-alpn-01"
proxy_1                   | time="2020-01-18T01:38:53Z" level=info msg="legolog: [INFO] [proxy.japheth.ca] acme: use http-01 solver"
proxy_1                   | time="2020-01-18T01:38:53Z" level=info msg="legolog: [INFO] [proxy.japheth.ca] acme: Trying to solve HTTP-01"
proxy_1                   | time="2020-01-18T01:38:54Z" level=info msg="Server configuration reloaded on :80"
proxy_1                   | time="2020-01-18T01:38:54Z" level=info msg="Server configuration reloaded on :443"
proxy_1                   | time="2020-01-18T01:38:54Z" level=info msg="Server configuration reloaded on :8080"
proxy_1                   | time="2020-01-18T01:38:54Z" level=info msg="legolog: [INFO] [japheth.ca] acme: Obtaining bundled SAN certificate"
proxy_1                   | time="2020-01-18T01:38:55Z" level=info msg="legolog: [INFO] [japheth.ca] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2341770656"
proxy_1                   | time="2020-01-18T01:38:55Z" level=info msg="legolog: [INFO] [japheth.ca] acme: Could not find solver for: tls-alpn-01"
proxy_1                   | time="2020-01-18T01:38:55Z" level=info msg="legolog: [INFO] [japheth.ca] acme: use http-01 solver"
proxy_1                   | time="2020-01-18T01:38:55Z" level=info msg="legolog: [INFO] [japheth.ca] acme: Trying to solve HTTP-01"

proxy_1                   | time="2020-01-18T01:38:59Z" level=info msg="legolog: [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2341770421"
proxy_1                   | time="2020-01-18T01:38:59Z" level=error msg="Unable to obtain ACME certificate for domains \"proxy.japheth.ca\" detected thanks to rule \"Host:proxy.japheth.ca\" : unable to generate a certificate for the domains [proxy.japheth.ca]: acme: Error -> One or more domains had a problem:\n[proxy.japheth.ca] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://proxy.japheth.ca/.well-known/acme-challenge/w229VsnAmOgtuTlwaRnHX-7OODbYBS_iWIvXI8qpwOc [198.54.117.197]: \"<html>\\r\\n<head><title>404 Not Found</title></head>\\r\\n<body>\\r\\n<center><h1>404 Not Found</h1></center>\\r\\n<hr><center>openresty</cente\", url: \n"
proxy_1                   | time="2020-01-18T01:39:01Z" level=info msg="legolog: [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2341770656"
proxy_1                   | time="2020-01-18T01:39:01Z" level=error msg="Unable to obtain ACME certificate for domains \"japheth.ca\" detected thanks to rule \"Host:japheth.ca\" : unable to generate a certificate for the domains [japheth.ca]: acme: Error -> One or more domains had a problem:\n[japheth.ca] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://japheth.ca/.well-known/acme-challenge/TmCSq2lBRnxA-9a-R0YOexxi0DuDhuQG8Fumf60aaek [198.54.117.197]: \"<html>\\r\\n<head><title>404 Not Found</title></head>\\r\\n<body>\\r\\n<center><h1>404 Not Found</h1></center>\\r\\n<hr><center>openresty</cente\", url: \n"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment