0

I'm new to SSL certificates with Traefik and have been having real trouble getting a successful deployment.

I have a server and domain that I have deployed my application on using Traefik and Http without issue. I would now like to deploy the same application, running on port 9000, to be deployed in Https using LetsEncrypt following the Traefik docs . I can verify that the certificate has been properly created using an SSL checker, however, when I try to visit the site I get Internal Server Error. There are no errors reported in either of the docker logs and I cannot figure out what to try next.

docker-compose.yml

version: '2'

services:
  traefik:
    image: traefik:v1.7
    restart: always
    ports:
      - 80:80
      - 443:443
    networks:
      - web
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /opt/traefik/traefik.toml:/traefik.toml
      - /opt/traefik/acme.json:/acme.json
    container_name: traefik

  app:
    image: myapp_image
    container_name: app
    restart: always
    networks:
      - web
    ports:
      - "9000:9000"
    labels:
      - "traefik.docker.network=web"
      - "traefik.enable=true"
      - "traefik.basic.frontend.rule=Host:myapp.com"
      - "traefik.basic.port=9000"
      - "traefik.basic.protocol=http"
      - "traefik.admin.frontend.rule=Host:myapp.com"
      - "traefik.admin.protocol=https"
      - "traefik.admin.port=9000"

networks:
  web:
    external: true

traefik.toml

debug = false

logLevel = "ERROR"
defaultEntryPoints = ["https","http"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
  [entryPoints.https.tls]

[retry]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "myapp.com"
watch = true
exposedByDefault = false

[acme]
email = "myemail@email.com"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
Kthomas852
  • 11
  • 2

1 Answers1

0

Finally was able to find a workable solution for this. I may have just been using old information but the best reference to host an application with Traefik on Https using LetsEncrypt was found here.

The working Yaml example is below. Using this example will also eliminate the need for a Toml file!

version: "3.3"

services:

  traefik:
    image: "traefik:v2.2"
    container_name: "traefik"
    command:
      #- "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.myresolver.acme.email=postmaster@example.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "443:443"
      - "8080:8080"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

  whoami:
    image: "containous/whoami"
    container_name: "simple-service"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.example.com`)"
      - "traefik.http.routers.whoami.entrypoints=websecure"
      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
Kthomas852
  • 11
  • 2