Comments (4)
Looks like it runs now without any errors.
Thanks for your fast and kind help!
from docker-mailserver-traefik.
Hello!
Is Traefik able to generate a certificate for whoami.${DOMAIN_JS}
?
You configuration seem very similar to https://github.com/youtous/docker-mailserver-traefik/blob/master/test/files/docker-compose.traefik.v2.file.yml which is used in the tests.
I think traefik is not generating any certificate due to the lack of certResolver
associated to the entryPoints
or to the router
. Here's the Traefik configuration used in the example above, showing how to define a certResolver associated with an entrypoint
According to the Traefik documentation, certResolver
can be defined on the router (https://doc.traefik.io/traefik/v2.0/routing/routers/#certresolver) as you did on the my-app
service.
Could you test the following configuration for the mail service?
mail:
image: tvial/docker-mailserver:latest
hostname: ${HOSTNAME}
domainname: ${DOMAINNAME}
container_name: ${CONTAINER_NAME}
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
volumes:
- ../traefik/letsencrypt/acme.json:/etc/letsencrypt/acme.json:ro
- ../../data/mailserver/maildata:/var/mail
- ../../data/mailserver/mailstate:/var/mail-state
- ../../data/mailserver/maillogs:/var/log/mail
- ../../data/mailserver/config/:/tmp/docker-mailserver/
# ? if SELinux is enabled, uncomment the line below and comment the line above
# - ./config/:/tmp/docker-mailserver/${SELINUX_LABEL}
labels:
- "mailserver-traefik.renew.domain=mail.domain.com" # tag the service
# traefik configuration using labels, not required
- "traefik.enable=true" # use traefik v2 for certificate generation
- "traefik.port=443" # dummy port, required generating certs with traefik
- "traefik.http.routers.mail.rule=Host(`mail.domain.com`)"
- "traefik.http.routers.mail.entrypoints=https"
- "traefik.http.routers.mail.tls=true"
- "traefik.http.routers.mail.tls.certresolver=le"
- "traefik.http.routers.mail.middlewares=redirect-webmail@docker" # redirect to webmail
- "traefik.http.middlewares.redirect-webmail.redirectregex.regex=.*"
- "traefik.http.middlewares.redirect-webmail.redirectregex.replacement=https://webmail.domain.com/"
env_file:
- mailserver.env
cap_add:
- NET_ADMIN
- SYS_PTRACE
restart: always
networks:
- internal
- external
from docker-mailserver-traefik.
That indeed was the reason why no cert was created - thanks a lot!
The new output from logs is
[INFO] Running on a regular host.
[INFO] 1 domain(s) to watch: mail.domain.com
[INFO] Configured to automatically push existing certificates in containers every 15m (PUSH_PERIOD=15m).
[INFO] file selected as certificates source
[INFO] Traefik v2 selected as target
[INFO] certificate for mail.domain.com not yet generated, skipping push...
[INFO] certificate for mail.domain.com not yet generated, skipping push...
[INFO] certificate for mail.domain.com not yet generated, skipping push...
[INFO] Pushing mail.domain.com to 1 subscribed containers
[INFO] Pushing mail.domain.com certificate in container d5b8faff905e
[INFO] mail.domain.com - new certificate '/tmp/ssl/fullchain.pem' received on mailserver container
[INFO] mail.domain.com - Cert update: new certificate copied into container
[INFO] mail.domain.com - Cert update: restarting daemons Postfix and Dovecot
postfix: ERROR (not running)
postfix: ERROR (abnormal termination)
dovecot: stopped
dovecot: started
[INFO] mail.domain.com - ONE_DIR detected, generating copy in /var/mail/manual-ssl/{cert,key}
I'm worried about the 2 errors with postfix. Do I have to start the containers in a different order maybe? Or can this message be ignored? (I highly doubt it wwith ERROR ;))
from docker-mailserver-traefik.
Good!
Regarding the postfix error message, it can happen if the service was not running and the certificate triggered a restart (first error is due to the stop, the second indicates postfix start did not successfully completed).
Perhaps, the supervisor calls are done simultaneously with the scripts inside docker-mailserver, however, if the postfix service is still running after the trigger push of the certificate you don't have to worry about.
Please just check postfix is running without action on your side when the certificate is pushed and the certificates has been retrieved by postfix.
from docker-mailserver-traefik.
Related Issues (5)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-mailserver-traefik.