【发布时间】:2020-03-07 15:54:50
【问题描述】:
我尝试在 Traefik 后面运行我的 NextcloudPi-Docker 安装,以允许服务器上的更多服务并确保对所有服务进行简单的 SSL 加密。
我的 docker-compose.yml 没有 Traefik 的 Nextcloudpi 看起来像这样:
version: '3'
services:
nextcloud:
image: ownyourbits/nextcloudpi-armhf
container_name: nextcloud
restart: unless-stopped
networks:
- proxy
volumes:
- /media/external_1/nextcloud:/data
- /media/external_1/backup:/backup
ports:
- 80:80
- 443:443
效果很好,我现有的安装正在顺利启动。
当我用它的docker-compose.yml 启动Traefik 时,我可以打开仪表板,没问题。我还尝试了Portainer,作为Traefik 的路由,可行,但我不想让它更复杂,所以我保留基于文本的配置。
Traefik 的docker-compose.yml:
version: '3'
services:
traefik:
image: traefik:v2.0
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme.json:/acme.json
- ./logs:/logging
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`sub.domain.tld`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=<user>:<password>
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`sub.domain.tld`)"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=http"
- "traefik.http.routers.traefik-secure.service=api@internal"
networks:
proxy:
external: true
NextcloudPidocker-compose.yml:
version: '3'
services:
nextcloud:
image: ownyourbits/nextcloudpi-armhf
container_name: nextcloud
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
volumes:
- /media/external_1/nextcloud:/data
- /media/external_1/backup:/backup
labels:
- "traefik.enable=true"
- "traefik.http.routers.nextcloud.entrypoints=http"
- "traefik.http.routers.nextcloud.rule=Host(`sub.domain.tld`)"
- "traefik.http.middlewares.nextcloud-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.nextcloud.middlewares=nextcloud-https-redirect"
- "traefik.http.routers.nextcloud-secure.entrypoints=https"
- "traefik.http.routers.nextcloud-secure.rule=Host(`sub.domain.tld`)"
- "traefik.http.routers.nextcloud-secure.tls=true"
- "traefik.http.routers.nextcloud-secure.tls.certresolver=http"
- "traefik.http.routers.nextcloud-secure.service=nextcloud"
- "traefik.http.services.nextcloud.loadbalancer.server.port=443"
- "traefik.docker.network=proxy"
networks:
proxy:
external: true
access.log 的输出如下:
151.177.45.100 - - [07/Mar/2020:15:20:44 +0000] "GET /status.php HTTP/1.1" 400 362 "-" "-" 22 "nextcloud-secure@docker" "http://172.19.0.4:443" 5ms
151.177.45.100 - - [07/Mar/2020:15:21:16 +0000] "GET /status.php HTTP/1.1" 400 362 "-" "-" 23 "nextcloud-secure@docker" "http://172.19.0.4:443" 3ms
151.177.45.100 - - [07/Mar/2020:15:21:48 +0000] "GET /status.php HTTP/1.1" 400 362 "-" "-" 24 "nextcloud-secure@docker" "http://172.19.0.4:443" 9ms
151.177.45.100 - - [07/Mar/2020:15:22:09 +0000] "GET / HTTP/2.0" 400 362 "-" "-" 25 "nextcloud-secure@docker" "http://172.19.0.4:443" 8ms
还有traefik.yml:
api:
dashboard: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
certificatesResolvers:
http:
acme:
email: email@address.com
storage: acme.json
httpChallenge:
entryPoint: http
log:
filePath: "/logging/traefik.log"
format: json
level: DEBUG
# Configuring a buffer of 100 lines
accessLog:
filePath: "/logging/access.log"
bufferingSize: 100
我不知道我做错了什么,我使用与没有 Traefik 相同的域,正如我所说,其他服务可以很好地使用它。我什至尝试创建一个新的 NextcloudPi 实例,但这也不起作用。 如有任何帮助,我将不胜感激!
【问题讨论】:
-
可以添加 ./data/traefik.yml 吗?
-
我现在添加了traefik.yml的内容。
标签: docker http https docker-compose traefik