0


我在 docker-containers 中有一个 Traefik 和一些服务。这是 docker-compose.yml 文件:

version: "3"

services:
  main-app:
    image: some-image
    container_name: main_app
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.app.rule=Host(`domain.com`)"
      - "traefik.http.routers.app.entrypoints=https"
      - "traefik.http.routers.app.tls.certresolver=cert

  moodle:
    image: some-moodle-image
    container_name: moodle
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.moodle.rule=Host(`moodle.domain.com`)"
      - "traefik.http.routers.moodle.entrypoints=https"
      - "traefik.http.routers.moodle.tls.certresolver=cert"


  traefik:
    image: "traefik"
    container_name: traefik
    command:
      - "--api.insecure=true"

      #Entrypoints settings
      - "--entrypoints.http.address=:80"
      - "--entrypoints.https.address=:443"

      # Providers settings
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"

      # Acme challeges settings
      - "--certificatesresolvers.cert.acme.httpchallenge=true"
      - "--certificatesresolvers.cert.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.cert.acme.email=some-mail@help.me"
      - "--certificatesresolvers.cert.acme.storage=/letsencrypt/acme.json"
    labels:
      #Redirect HTTP -> HTTPS
      - "traefik.enable=true"
      - "traefik.http.routers.https-redirect.entrypoints=http"
      - "traefik.http.routers.https-redirect.rule=HostRegexp(`{any:.*}`)"
      - "traefik.http.routers.https-redirect.middlewares=https-redirect"
      - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "/letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

如您所见,主应用程序容器与主域 (domain.com) 相关联。和moodle容器到子域(moodle.domain.com)。

现在到了问题的核心。在主域上,颁发证书并使用 HTTPS。但是在子域上,我得到下一个错误:

time="2020-05-01T13:12:54Z" level=error msg="Unable to obtain ACME certificate for domains \"moodle.domain.com\": 
unable to generate a certificate for the domains [moodle.domain.com]: 
error: one or more domains had a problem:[moodle.domain.com] acme: error: 403 ::
 urn:ietf:params:acme:error:unauthorized :: 
Invalid response from http://moodle.domain.com/.well-known/acme-challenge/(some private code)[(some ip address)]: 
404, url: \n" providerName=cert.acme routerName=moodle@docker rule="Host(`moodle.domain.com`)"

这是如何引起的,如何解决这个问题?

4

0 回答 0