时间戳

首页 > 解决方案 > Traefik 已启动,但我的服务未使用它

docker - Traefik 已启动,但我的服务未使用它

问题描述

我正在使用带有 Debian 10 的 VPS。我也有一个域名。

我的目标是自托管一些服务,比如 FreshRSS 或 Nextcloud。为了部署这些服务,我使用了 Docker 和 Docker Compose。我每个服务有一个文件夹。

因为我想获得一个反向代理并将子域分配给服务(例如:cloud.domainname.com 到 Nextcloud),所以我昨天安装了 Traefik。但是,我无法让服务正常工作。这对我来说可能是错误的配置,因为我是设置反向代理的初学者。例如,我试图让它与在端口 8000 上运行的 ArchiveBox 一起工作。我希望 Traefik 将我的子域 archive.domainname.com 映射到我的 VPS 的端口 8000。

这些是我昨天做的步骤:

  1. 使用 Docker Compose 在我的 VPS 上安装ArchiveBox并进行配置。它工作成功。
  2. 为 traefik 创建了一个新网络:sudo docker network create --driver=bridge --subnet=192.168.0.0/16 traefik_lan
  3. 使用 Docker Compose 安装 Traefik,通过以下教程添加动态配置。
  4. 将标签和网络添加到 ArchiveBox 的 Docker Compose 文件中。
  5. 两个都开始了。但是,ArchiveBox 创建了一个新网络,似乎没有使用 Traefik 网络。我仍然可以直接访问 domainname.com:8000 上的 ArchiveBox。

下面是配置文件。

档案盒

ArchiveBox docker-compose.yml

# Usage:
#     docker-compose up -d
#     docker-compose run archivebox init
#     echo "https://example.com" | docker-compose run archivebox archivebox add
#     docker-compose run archivebox add --depth=1 https://example.com/some/feed.rss
#     docker-compose run archivebox config --set PUBLIC_INDEX=True
# Documentation:
#     https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#docker-compose

version: '3.7'

services:
    archivebox:
        # build: .
        image: ${DOCKER_IMAGE:-archivebox/archivebox:latest}
        command: server 0.0.0.0:8000
        stdin_open: true
        tty: true
        ports:
            - 8000:8000
        environment:
            - USE_COLOR=True
            - SHOW_PROGRESS=False
            - SEARCH_BACKEND_ENGINE=sonic
            - SEARCH_BACKEND_HOST_NAME=sonic
            - SEARCH_BACKEND_PASSWORD=SecretPassword
        volumes:
            - ./data:/data
        depends_on:
            - sonic
        labels:
          - "traefik.enable=true"
          - "traefik.docker.network=traefik_lan"
          - "traefik.http.routers.archiveboxnotls.rule=Host(`${ARCHIVE_URL}`)"
          - "traefik.http.routers.archiveboxnotls.entrypoints=webinsecure"
          - "traefik.http.routers.archiveboxnotls.middlewares=tlsredir@file"
          - "traefik.http.routers.archivebox.rule=Host(`${ARCHIVE_URL}`)"
          - "traefik.http.routers.archivebox.entrypoints=websecure"
          - "traefik.http.routers.archivebox.tls=true"
          - "traefik.http.routers.archivebox.tls.certresolver=letsencrypt"
        networks:
          - traefik_lan
    # Run sonic search backend
    sonic:
        image: valeriansaliou/sonic:v1.3.0
        ports:
            - 1491:1491
        environment:
            - SEARCH_BACKEND_PASSWORD=SecretPassword
        volumes:
            - ./etc/sonic/config.cfg:/etc/sonic.cfg
            - ./data:/var/lib/sonic/store/

networks:
  traefik_lan:
    external: true

然后我应该像这样运行它:

sudo ARCHIVE_URL=archive.mydomain.com docker-compose up -d

特拉菲克

这是我在 /home 中的 /traefik 文件夹的结构。

.
├── config
│   ├── acme.json
│   ├── dynamic-conf
│   │   ├── dashboard.toml
│   │   ├── tlsredir.toml
│   │   └── tls.toml
│   └── traefik.toml
└── docker-compose.yml

码头工人-compose.yml

version: '3'

services:
  reverse-proxy:
    container_name: traefik
    image: traefik:v2.4
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    networks:
      - traefik_lan
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./config:/etc/traefik:ro
      - ./config/acme.json:/acme.json
networks:
  traefik_lan:
    external: true

traefik.toml

[api]
  dashboard = true

[providers]
  [providers.docker]
    exposedByDefault = false

  [providers.file]
    directory = "/etc/traefik/dynamic-conf"
    watch = true

[entryPoints]
  [entryPoints.websecure]
    address = ":443"

  [entryPoints.webinsecure]
    address = ":80"


  [entryPoints.dot]
    address = ":853"

[certificatesResolvers.letsencrypt.acme]
  email = "myemail@gmail.com"
  caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
 #caServer: "https://acme-v02.api.letsencrypt.org/directory"
  storage = "acme.json"
  [certificatesResolvers.letsencrypt.acme.tlsChallenge]


[accessLog]
  format = "json"
  [accessLog.fields]
    defaultMode = "drop"
    [accessLog.fields.names]
      "ClientAddr" = "keep"
      "RequestAddr" = "keep"
      "RequestMethod" = "keep"
      "RequestPath" = "keep"
      "DownstreamStatus" = "keep"

仪表板.toml

[http.routers.api]
  rule = "Host(`traefik.domain.tld`)"
  entrypoints = ["webinsecure"]
  service = "api@internal"
  middlewares = ["tlsredir@file"]

[http.routers.api-secure]
  rule = "Host(`traefik.domain.tld`)"
  entrypoints = ["websecure"]
  service = "api@internal"
  middlewares = ["secured"]
  [http.routers.api-secure.tls]
    certResolver = "letsencrypt"

tlsredir.toml

[http.middlewares]
  [http.middlewares.tlsredir.redirectScheme]
    scheme = "https"
    permanent = true

tls.toml

[tls]
  [tls.options]
    [tls.options.default]
      minVersion = "VersionTLS12"
      sniStrict = true
      cipherSuites = [
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
      ]
      curvePreferences = ["CurveP521","CurveP384"]

预先感谢您的帮助。

标签: dockerdocker-composetraefik

解决方案

推荐阅读