
This Original Post ishere
Example Docker Compose Configuration
traefik:image:"traefik:2.3.7"container_name:"traefik"restart:unless-stoppedports:-"80:80"-"443:443"#- "8080:8080"environment:-CF_DNS_API_TOKEN=${CF_DNS_API_TOKEN}volumes:-./traefik/config:/etc/traefik-traefik-ssl-certs:/ssl-certs-/etc/localtime:/etc/localtime-"/var/run/docker.sock:/var/run/docker.sock:ro"depends_on:-applabels:-"traefik.enable=true"-"traefik.http.routers.traefik.entrypoints=websecure"-"traefik.http.routers.traefik.tls.certresolver=myresolver"-"traefik.http.routers.traefik.rule=Host(`traefik.domain.id`)"-"traefik.http.routers.traefik.service=api@internal"
Replace traefik.domain.id with your actual domain.
Create a .env file and add the following:
CF_DNS_API_TOKEN=
This token can be obtained from Cloudflare.
Steps to Create an API Token in Cloudflare with the Required Permissions to Manage DNS for Your Domain
Step 1: Log In to Your Cloudflare Account
- Visit Cloudflare and log in with your credentials.
Step 2: Access the API Tokens Settings
- Once logged in, click on your avatar or account name in the top-right corner.
- Select My Profile from the dropdown menu.
- On the profile page, navigate to the API Tokens tab.
Step 3: Create a New API Token
- Click the Create Token button.
- Select the Edit zone DNS template or click Create Custom Token if you want tocustomize the permissions.
Langkah 4: Mengatur Izin API Token
If choosing Create Custom Token:
Token Configuration Steps
Token Name:\
Give your token a name, such asTraefik DNS Challenge
.Permissions:
- ClickAdd permissions.
- ChooseZone as the service.
- SelectDNS as the resource.
- ChooseEdit as the action.
Zone Resources:
- ClickAdd Zone Resources.
- SelectInclude.
- ChooseAll Zones orSpecific Zone to restrict access to aparticular zone.
- If choosingSpecific Zone, specify the domain, e.g.,
example.com
.
- If choosingSpecific Zone, specify the domain, e.g.,
Client IP Address Filtering (optional):\
Add specific IP addresses if you want to restrict token usage to certain IPs.TTL (optional):\
Set a token expiration period if needed.
Step 5: Create and Save the API Token
- ClickContinue to summary.
- Review the token settings to ensure they are correct.
- ClickCreate Token.
Step 6: Save the API Token
- Once the token is created, copy and save it in a secure location.>Note: This is the only time the token will be displayed, so ensure you> record it properly.
Create a traefik/config/traefik.yaml file:
global:checkNewVersion:falsesendAnonymousUsage:falseapi:dashboard:truedebug:trueaccessLog:{}entryPoints:web:address::80websecure:address::443serversTransport:insecureSkipVerify:truehttp:middlewares:redirect-to-https:redirectScheme:scheme:httpspermanent:truecertificatesResolvers:myresolver:acme:email:xxx@gmail.comstorage:/ssl-certs/acme.jsondnsChallenge:provider:cloudflareresolvers:-"1.1.1.1:53"-"8.8.8.8:53"delayBeforeCheck:5providers:docker:endpoint:"unix:///var/run/docker.sock"exposedByDefault:falsefile:directory:/etc/traefikwatch:true
Replacexxx@gmail.com with the email you use for Cloudflare.
Running Traefik
Run the following command to start Traefik:
docker compose up-d
Then, access the dashboard viahttp://traefik.domain.id or the domain you
configured earlier.
Debugging the DNS Challenge Process
To debug the DNS challenge, inspect the file with the following command:
cat /ssl-certs/acme.json
However, you need to access the Traefik container first:
dockerexec-it traefik sh
Canonical URL
For more detailed information,visit the original post on my blog.
Top comments(0)
For further actions, you may consider blocking this person and/orreporting abuse