以下是我为 Traefik 设置的 docker-compose.yml,唯一的目标是通过 HTTPS 访问 traefik 仪表板。我继续收到的错误是“重定向你太多次”。我确信有一些东西我需要删除,但我无法弄清楚。我能够创建 Lets Encrypt 证书,并且使用 Cloudflare 作为我的 DNS。在 Cloudflare 上,我操纵了 SSL/TLS 加密模式和缓存,但没有效果。任何帮助将不胜感激。
version: "3.8"
services:
traefik:
image: "traefik:v2.11"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.dashboard=true"
- "--accesslog=true"
- "--providers.docker.network=web"
- "--providers.docker.exposedByDefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entryPoints.web.http.redirections.entrypoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.websecure.http.tls.certresolver=myresolver"
- "[email protected]"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.storage=/acme.json"
ports:
- "443:443"
- "80:80"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.mydashboard.rule=Host(`subdomain.domain.net`)"
- "traefik.http.routers.mydashboard.tls=true"
- "traefik.http.routers.mydashboard.service=api@internal"
- "traefik.http.routers.mydashboard.middlewares=myauth"
- "traefik.http.middlewares.myauth.basicauth.users=USERNAME:Password12345"
networks:
- web
networks:
web:
external: true
我无法重现您的重定向问题,但您在问题中显示的 basicauth 配置无效。您 (a) 需要使用哈希密码,而不是明文密码,并且 (b) 您需要将
$
的每个实例转义为 $$
。
使用以下配置(基于您的配置,但删除了证书解析器配置):
services:
traefik:
image: "traefik:v2.11"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.dashboard=true"
- "--accesslog=true"
- "--providers.docker.exposedByDefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entryPoints.web.http.redirections.entrypoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
ports:
- "8443:443"
- "8080:80"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.mydashboard.rule=Host(`traefik.localhost`)"
- "traefik.http.routers.mydashboard.tls=true"
- "traefik.http.routers.mydashboard.service=api@internal"
- "traefik.http.routers.mydashboard.middlewares=myauth"
- "traefik.http.middlewares.myauth.basicauth.users=username:$$2y$$05$$aklMnbLc3fW23sBTFnlcnOvzFGKwDzjKC7KyWTLhAjQWzjuzzF89u"
我能够使用用户名
https://traefik.localhost:8443
和密码 username
成功访问浏览器中的仪表板 secret
。