From 498d46e9005027885cdd1221a483f707072c779d Mon Sep 17 00:00:00 2001 From: Nicole Rappe Date: Thu, 7 Nov 2024 18:18:11 -0700 Subject: [PATCH] Update Docker & Kubernetes/Docker/Docker Compose/Traefik.md --- Docker & Kubernetes/Docker/Docker Compose/Traefik.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Docker & Kubernetes/Docker/Docker Compose/Traefik.md b/Docker & Kubernetes/Docker/Docker Compose/Traefik.md index cb76f1e..5fb1c3a 100644 --- a/Docker & Kubernetes/Docker/Docker Compose/Traefik.md +++ b/Docker & Kubernetes/Docker/Docker Compose/Traefik.md @@ -21,7 +21,11 @@ If these are not set, Traefik will still work, but SSL certificates will not be issued from Let's Encrypt, and SSL traffic will be terminated using a self-signed Traefik-based certificate, which is only good for local testing. - If you plan on using HTTP-based challenges, you will need to un-comment `"--certificatesresolvers.myresolver.acme.tlschallenge=true"` in the docker-compose data, and comment-out `"--certificatesresolvers.letsencrypt.acme.dnschallenge=true"` and `"--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"`. Lastly, you need to ensure that port 80 on your firewall is opened to the IP of the Traefik Reverse Proxy to allow Let's Encrypt to do TLS-based challenges. + If you plan on using HTTP-based challenges, you will need to make the following changes in the docker-compose.yml data: + - Un-comment `"--certificatesresolvers.myresolver.acme.tlschallenge=true"` + - Comment-out `"--certificatesresolvers.letsencrypt.acme.dnschallenge=true"` + - Comment-out `"--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"` + - Lastly, you need to ensure that port 80 on your firewall is opened to the IP of the Traefik Reverse Proxy to allow Let's Encrypt to do TLS-based challenges. ### Stack Deployment Information ```jsx title="docker-compose.yml"