Movatterモバイル変換


[0]ホーム

URL:


Skip to content
DEV Community
Log in Create account

DEV Community

Cover image for Traefik Cloudflare DNS Challenge
fajar sp
fajar sp

Posted on

     

Traefik Cloudflare DNS Challenge

This Original Post ishere

Example Docker Compose Configuration

traefik:image:"traefik:2.3.7"container_name:"traefik"restart:unless-stoppedports:-"80:80"-"443:443"#- "8080:8080"environment:-CF_DNS_API_TOKEN=${CF_DNS_API_TOKEN}volumes:-./traefik/config:/etc/traefik-traefik-ssl-certs:/ssl-certs-/etc/localtime:/etc/localtime-"/var/run/docker.sock:/var/run/docker.sock:ro"depends_on:-applabels:-"traefik.enable=true"-"traefik.http.routers.traefik.entrypoints=websecure"-"traefik.http.routers.traefik.tls.certresolver=myresolver"-"traefik.http.routers.traefik.rule=Host(`traefik.domain.id`)"-"traefik.http.routers.traefik.service=api@internal"
Enter fullscreen modeExit fullscreen mode

Replace traefik.domain.id with your actual domain.

Create a .env file and add the following:

CF_DNS_API_TOKEN=
Enter fullscreen modeExit fullscreen mode

This token can be obtained from Cloudflare.

Steps to Create an API Token in Cloudflare with the Required Permissions to Manage DNS for Your Domain

Step 1: Log In to Your Cloudflare Account

  1. Visit Cloudflare and log in with your credentials.

Step 2: Access the API Tokens Settings

  1. Once logged in, click on your avatar or account name in the top-right corner.
  2. Select My Profile from the dropdown menu.
  3. On the profile page, navigate to the API Tokens tab.

Step 3: Create a New API Token

  1. Click the Create Token button.
  2. Select the Edit zone DNS template or click Create Custom Token if you want tocustomize the permissions.

Langkah 4: Mengatur Izin API Token

If choosing Create Custom Token:

Token Configuration Steps

  1. Token Name:\
    Give your token a name, such asTraefik DNS Challenge.

  2. Permissions:

    • ClickAdd permissions.
    • ChooseZone as the service.
    • SelectDNS as the resource.
    • ChooseEdit as the action.
  3. Zone Resources:

    • ClickAdd Zone Resources.
    • SelectInclude.
    • ChooseAll Zones orSpecific Zone to restrict access to aparticular zone.
      • If choosingSpecific Zone, specify the domain, e.g.,example.com.
  4. Client IP Address Filtering (optional):\
    Add specific IP addresses if you want to restrict token usage to certain IPs.

  5. TTL (optional):\
    Set a token expiration period if needed.

Step 5: Create and Save the API Token

  1. ClickContinue to summary.
  2. Review the token settings to ensure they are correct.
  3. ClickCreate Token.

Step 6: Save the API Token

  1. Once the token is created, copy and save it in a secure location.>Note: This is the only time the token will be displayed, so ensure you> record it properly.

Create a traefik/config/traefik.yaml file:

global:checkNewVersion:falsesendAnonymousUsage:falseapi:dashboard:truedebug:trueaccessLog:{}entryPoints:web:address::80websecure:address::443serversTransport:insecureSkipVerify:truehttp:middlewares:redirect-to-https:redirectScheme:scheme:httpspermanent:truecertificatesResolvers:myresolver:acme:email:xxx@gmail.comstorage:/ssl-certs/acme.jsondnsChallenge:provider:cloudflareresolvers:-"1.1.1.1:53"-"8.8.8.8:53"delayBeforeCheck:5providers:docker:endpoint:"unix:///var/run/docker.sock"exposedByDefault:falsefile:directory:/etc/traefikwatch:true
Enter fullscreen modeExit fullscreen mode

Replacexxx@gmail.com with the email you use for Cloudflare.

Running Traefik

Run the following command to start Traefik:

docker compose up-d
Enter fullscreen modeExit fullscreen mode

Then, access the dashboard viahttp://traefik.domain.id or the domain you
configured earlier.

Debugging the DNS Challenge Process

To debug the DNS challenge, inspect the file with the following command:

cat /ssl-certs/acme.json
Enter fullscreen modeExit fullscreen mode

However, you need to access the Traefik container first:

dockerexec-it traefik sh
Enter fullscreen modeExit fullscreen mode

Canonical URL
For more detailed information,visit the original post on my blog.

Top comments(0)

Subscribe
pic
Create template

Templates let you quickly answer FAQs or store snippets for re-use.

Dismiss

Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment'spermalink.

For further actions, you may consider blocking this person and/orreporting abuse

  • Location
    Bandung, Indonesia
  • Joined

More fromfajar sp

DEV Community

We're a place where coders share, stay up-to-date and grow their careers.

Log in Create account

[8]ページ先頭

©2009-2025 Movatter.jp