DNSチャレンジを有効にする

2024-06-13 16:29:25 +00:00 · 2024-06-13 16:29:25 +00:00 · 46f1c247a9
commit 46f1c247a9
parent c460db544a
2 changed files with 11 additions and 10 deletions
--- a/docker/litey/docker-compose.yml
+++ b/docker/litey/docker-compose.yml
@ -8,11 +8,13 @@ services:
      - traefik
    labels:
      - traefik.enable=true
-      - traefik.http.routers.litey.rule=Host(`litey.trade`)
-      - traefik.http.routers.litey.tls=true
-      - traefik.http.routers.litey.tls.certResolver=letsencrypt
-      - traefik.http.routers.litey.service=litey-routing-service
-      - traefik.http.services.litey-routing-service.loadbalancer.server.port=8000
+      - traefik.http.routers.r4.rule=Host(`litey.trade`)
+      - traefik.http.routers.r4.tls=true
+      - traefik.http.routers.r4.tls.certResolver=letsencrypt
+      - traefik.http.routers.r4.tls.domains[0].main=litey.trade
+      - traefik.http.routers.r4.tls.domains[0].sans=*.litey.trade
+      - traefik.http.routers.r4.service=s4
+      - traefik.http.services.s4.loadbalancer.server.port=8000
    environment:
      - MONGO_URI=mongodb+srv://cluster0.xwewvby.mongodb.net/
      - MONGO_USER=yuuki
--- a/docker/traefik/docker-compose.yml
+++ b/docker/traefik/docker-compose.yml
@ -6,7 +6,6 @@ services:
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./acme:/acme
-    container_name: traefik
    image: traefik:v3.0.1
    networks:
      - traefik
@ -16,11 +15,11 @@ services:
      - --providers.docker.exposedByDefault=false
      - --providers.docker.network=traefik
      - --entryPoints.web.address=:80
-      - --entryPoints.web.http.redirections.entryPoint.to=websecure
      - --entryPoints.websecure.address=:443
-      - --entryPoints.websecure.http.tls.certResolver=letsencrypt
-      - --certificatesResolvers.letsencrypt.acme.email=0xv75b42326631e@au.com
-      - --certificatesResolvers.letsencrypt.acme.httpChallenge.entrypoint=web
+      - --certificatesResolvers.letsencrypt.acme.dnsChallenge=true
+      - --certificatesResolvers.letsencrypt.acme.dnsChallenge.provider=cloudflare
+      - --certificatesResolvers.letsencrypt.acme.dnsChallenge.delayBeforeCheck=0
+      - --certificatesResolvers.letsencrypt.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
      - --certificatesResolvers.letsencrypt.acme.storage=acme/acme.json
      - --api.dashboard=true
    labels: