Localhostで自己署名証明書を使用するようにtraefikでdockerをセットアップしようとしています
私は自分のローカルマシンで開発しています。Dockerとtraefikを使用したいと考えています。私が抱えている問題は、セットアップで動作する自己署名証明書を取得できないことです。私を正しい方向に向けてくれる人が必要です!
ブラウザに表示される証明書は常にTRAEFIK DEFAULT CERTであるか、ドメインに入るときにget 404ページが見つかりません
私のdocker-compose.yaml
version: "3.7"
services:
mariadb:
image: wodby/mariadb:$MARIADB_TAG
container_name: "${PROJECT_NAME}_mariadb"
stop_grace_period: 30s
environment:
MYSQL_ROOT_PASSWORD: $DB_ROOT_PASSWORD
MYSQL_DATABASE: $DB_NAME
MYSQL_USER: $DB_USER
MYSQL_PASSWORD: $DB_PASSWORD
ports:
- 3306:3306
volumes:
# - ./mariadb-init:/docker-entrypoint-initdb.d # Place init .sql file(s) here.
- mysql:/var/lib/mysql # I want to manage volumes manually.
php:
image: wodby/wordpress-php:$PHP_TAG
container_name: "${PROJECT_NAME}_php"
environment:
PHP_SENDMAIL_PATH: /usr/sbin/sendmail -t -i -S mailhog:1025
DB_Host: $DB_Host
DB_USER: $DB_USER
DB_PASSWORD: $DB_PASSWORD
DB_NAME: $DB_NAME
PHP_FPM_USER: wodby
PHP_FPM_GROUP: wodby
## Read instructions at https://wodby.com/docs/stacks/wordpress/local#xdebug
# PHP_XDEBUG: 1
# PHP_XDEBUG_DEFAULT_ENABLE: 1
# PHP_XDEBUG_REMOTE_CONNECT_BACK: 0
# PHP_IDE_CONFIG: serverName=my-ide
# PHP_XDEBUG_IDEKEY: "my-ide"
# PHP_XDEBUG_REMOTE_Host: 172.17.0.1 # Linux
# PHP_XDEBUG_REMOTE_Host: 10.254.254.254 # macOS
# PHP_XDEBUG_REMOTE_Host: 10.0.75.1 # Windows
volumes:
# - ./app:/var/www/html
## For macOS users (https://wodby.com/docs/stacks/wordpress/local#docker-for-mac)
- ./app:/var/www/html:cached # User-guided caching
# - docker-sync:/var/www/html # Docker-sync
## For XHProf and Xdebug profiler traces
# - files:/mnt/files
nginx:
image: wodby/nginx:$NGINX_TAG
container_name: "${PROJECT_NAME}_nginx"
depends_on:
- php
environment:
NGINX_STATIC_OPEN_FILE_CACHE: "off"
NGINX_ERROR_LOG_LEVEL: debug
NGINX_BACKEND_Host: php
NGINX_VHOST_PRESET: wordpress
#NGINX_SERVER_ROOT: /var/www/html/subdir
volumes:
# - ./app:/var/www/html
# Options for macOS users (https://wodby.com/docs/stacks/wordpress/local#docker-for-mac)
- ./app:/var/www/html:cached # User-guided caching
# - docker-sync:/var/www/html # Docker-sync
labels:
- "traefik.http.routers.${PROJECT_NAME}_nginx.rule=Host(`${PROJECT_BASE_URL}`)"
- "traefik.http.routers.${PROJECT_NAME}_nginx.tls=true"
# - "traefik.http.routers.${PROJECT_NAME}_nginx.tls.certResolver=${PROJECT_BASE_URL}"
mailhog:
image: mailhog/mailhog
container_name: "${PROJECT_NAME}_mailhog"
labels:
- "traefik.http.services.${PROJECT_NAME}_mailhog.loadbalancer.server.port=8025"
-"traefik.http.routers.${PROJECT_NAME}_mailhog.rule=Host(`mailhog.${PROJECT_BASE_URL}`)"
portainer:
image: portainer/portainer
container_name: "${PROJECT_NAME}_portainer"
command: --no-auth -H unix:///var/run/docker.sock
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.http.routers.${PROJECT_NAME}_portainer.rule=Host(`portainer.${PROJECT_BASE_URL}`)"
traefik:
image: traefik:v2.0
container_name: "${PROJECT_NAME}_traefik"
ports:
- "80:80"
- "443:443"
- "8080:8080" # Dashboard
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./traefik:/etc/traefik
- ./certs:/certs
volumes:
mysql:
## Docker-sync for macOS users
# docker-sync:
# external: true
## For Xdebug profiler
# files:
私のtraefik.yml
providers:
file:
filename: "/etc/traefik/config.yml"
docker:
endpoint: "unix:///var/run/docker.sock"
api:
insecure: true
entryPoints:
web:
address: ":80"
web-secure:
address: ":443"
そして私のconfig.yml(tlsの構成が別のファイルにある必要があることを理解しています!)
tls:
certificates:
- certFile: /certs/domain.test.crt
- certKey: /certs/domain.test.key
私はそれを解決しました。私の最終的なdocker-compose.ymlは次のようになります
@fffniteに感謝
version: "3.7"
services:
mariadb:
image: wodby/mariadb:$MARIADB_TAG
container_name: "${PROJECT_NAME}_mariadb"
stop_grace_period: 30s
environment:
MYSQL_ROOT_PASSWORD: $DB_ROOT_PASSWORD
MYSQL_DATABASE: $DB_NAME
MYSQL_USER: $DB_USER
MYSQL_PASSWORD: $DB_PASSWORD
ports:
- 3306:3306
volumes:
# - ./mariadb-init:/docker-entrypoint-initdb.d # Place init .sql file(s) here.
- mysql:/var/lib/mysql # I want to manage volumes manually.
php:
image: wodby/wordpress-php:$PHP_TAG
container_name: "${PROJECT_NAME}_php"
environment:
PHP_SENDMAIL_PATH: /usr/sbin/sendmail -t -i -S mailhog:1025
DB_Host: $DB_Host
DB_USER: $DB_USER
DB_PASSWORD: $DB_PASSWORD
DB_NAME: $DB_NAME
PHP_FPM_USER: wodby
PHP_FPM_GROUP: wodby
## Read instructions at https://wodby.com/docs/stacks/wordpress/local#xdebug
# PHP_XDEBUG: 1
# PHP_XDEBUG_DEFAULT_ENABLE: 1
# PHP_XDEBUG_REMOTE_CONNECT_BACK: 0
# PHP_IDE_CONFIG: serverName=my-ide
# PHP_XDEBUG_IDEKEY: "my-ide"
# PHP_XDEBUG_REMOTE_Host: 172.17.0.1 # Linux
# PHP_XDEBUG_REMOTE_Host: 10.254.254.254 # macOS
# PHP_XDEBUG_REMOTE_Host: 10.0.75.1 # Windows
volumes:
# - ./app:/var/www/html
## For macOS users (https://wodby.com/docs/stacks/wordpress/local#docker-for-mac)
- ./app:/var/www/html:cached # User-guided caching
# - docker-sync:/var/www/html # Docker-sync
## For XHProf and Xdebug profiler traces
# - files:/mnt/files
nginx:
image: wodby/nginx:$NGINX_TAG
container_name: "${PROJECT_NAME}_nginx"
depends_on:
- php
environment:
NGINX_STATIC_OPEN_FILE_CACHE: "off"
NGINX_ERROR_LOG_LEVEL: debug
NGINX_BACKEND_Host: php
NGINX_VHOST_PRESET: wordpress
#NGINX_SERVER_ROOT: /var/www/html/subdir
volumes:
# - ./app:/var/www/html
# Options for macOS users (https://wodby.com/docs/stacks/wordpress/local#docker-for-mac)
- ./app:/var/www/html:cached # User-guided caching
# - docker-sync:/var/www/html # Docker-sync
labels:
- "traefik.http.routers.${PROJECT_NAME}_nginx.rule=Host(`${PROJECT_BASE_URL}`)"
- "traefik.http.routers.${PROJECT_NAME}_nginx.entrypoints=web"
- "traefik.http.middlewares.${PROJECT_NAME}_https_nginx.redirectscheme.scheme=https"
- "traefik.http.routers.${PROJECT_NAME}_https_nginx.rule=Host(`${PROJECT_BASE_URL}`)"
- "traefik.http.routers.${PROJECT_NAME}_https_nginx.entrypoints=web-secure"
- "traefik.http.routers.${PROJECT_NAME}_https_nginx.tls=true"
mailhog:
image: mailhog/mailhog
container_name: "${PROJECT_NAME}_mailhog"
labels:
- "traefik.http.services.${PROJECT_NAME}_mailhog.loadbalancer.server.port=8025"
- "traefik.http.routers.${PROJECT_NAME}_mailhog.rule=Host(`mailhog.${PROJECT_BASE_URL}`)"
portainer:
image: portainer/portainer
container_name: "${PROJECT_NAME}_portainer"
command: --no-auth -H unix:///var/run/docker.sock
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.http.routers.${PROJECT_NAME}_portainer.rule=Host(`portainer.${PROJECT_BASE_URL}`)"
traefik:
image: traefik:v2.0
container_name: "${PROJECT_NAME}_traefik"
ports:
- "80:80"
- "443:443"
- "8080:8080" # Dashboard
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./traefik:/etc/traefik
- ./certs:/certs
volumes:
mysql:
## Docker-sync for macOS users
# docker-sync:
# external: true
## For Xdebug profiler
# files:
私は今これと少し戦っていますが、それを機能させる組み合わせを見つけたようです、注意してくださいnot別のファイルにTLS構成を含める必要があります。
[provider]
[provider.file]
# This file
filename = "/etc/traefik/traefik.toml"
[tls.stores.default.defaultCertificate]
certFile = "/certs/mycert.crt"
keyFile = "/certs/mycert.key"