Rebonjour !
Donc j'ai suivi les conseils de @laster13 : avant, ma config traefik et docker étaient cracra, donc je les ai remises au propre ; en plus, traefik est passé en V2, donc j'ai dû faire la traduction entre V1 et V2 (ça a pris plus de temps que prévu...). Bref... Ça ne marche malheureusement toujours pas... (T_T)
Je vous donne dans l'ordre ma config traefik.toml, les docker compose de traefik, rtorrent/flood et radarr, le docker inspect du réseau auquel sont connectés tous les containers de mon stack de téléchargement automatisé, et des logs de radarr.
mon traefik.toml en v2 avec du dnschallenge chez OVH:
# Traefik v2 static configuration: entry points, Docker provider, ACME
# resolver (DNS challenge through OVH), API/dashboard and logging.
[global]
# Periodically checks whether a newer Traefik release is available.
checkNewVersion = true
sendAnonymousUsage = false
[entryPoints]
[entryPoints.http]
# Listen on port 80 for incoming requests
address = ":80"
[entryPoints.https]
# Listen on port 443 for incoming requests
address = ":443"
[providers]
[providers.docker]
# Traefik discovers containers and their labels through the Docker API socket.
# Anything able to talk to this socket can drive the Docker daemon, so the
# container that mounts it should be treated as host-privileged.
endpoint = "unix:///var/run/docker.sock"
exposedByDefault = false #Expose containers by default through Traefik. If set to false, containers that don't have a traefik.enable=true label will be ignored from the resulting routing configuration.
watch = true
#[providers.docker.tls]
# insecureSkipVerify = true #If insecureSkipVerify is true, TLS for the connection to Docker accepts any certificate presented by the server and any host name in that certificate.
[certificatesResolvers.dnschallengeovh.acme]
email = "mon email"
# acme.json holds the ACME account key and the private keys of the issued
# certificates; Traefik expects the file with mode 600.
# NOTE(review): this is a relative path, while the compose file on this page
# mounts the host file at /etc/traefik/acme.json. Confirm both designate the
# same file, otherwise certificates are not persisted across restarts.
storage = "acme.json"
# Uncomment to test against the Let's Encrypt staging CA (untrusted
# certificates, looser rate limits) before requesting real ones.
#caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
[certificatesResolvers.dnschallengeovh.acme.dnsChallenge]
provider = "ovh"
delayBeforeCheck = 10
# DNS servers queried to check that the challenge TXT record has propagated.
resolvers = ["213.251.128.146:53", "213.251.188.146:53"]
[api]
dashboard = true
# Left disabled: insecure mode would serve the API and dashboard directly on
# the "traefik" entry point with no authentication in front of them.
#insecure = true
# Adds debugging/profiling endpoints under /debug/ to the API. They are
# reachable by whoever can reach the api@internal router, so keep this on
# only while troubleshooting.
debug = true
[log]
level = "INFO" #DEBUG, PANIC, FATAL, ERROR, WARN, and INFO
filePath = "/var/traefik.log"
format = "json"
le docker compose de mon traefik :
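# Compose file for the Traefik v2 reverse proxy.
# The nesting below is restored from the flattened paste; values are unchanged.
version: '3.3'

secrets:
  # OVH API credentials for the ACME DNS challenge. They are handed to the
  # container as files under /run/secrets instead of plain environment values.
  # secret name also used to name the file exposed within the container
  ovh_endpoint:
    # path on the host
    file: "/home/docker/traefik/secrets/ovh_endpoint.secret"
  ovh_application_key:
    file: "/home/docker/traefik/secrets/ovh_application_key.secret"
  ovh_application_secret:
    file: "/home/docker/traefik/secrets/ovh_application_secret.secret"
  ovh_consumer_key:
    file: "/home/docker/traefik/secrets/ovh_consumer_key.secret"

networks:
  traefik-public-net:
    external: true

services:
  traefik:
    # NOTE(review): no tag means `latest`, so the major version can change on
    # the next pull. Pin a specific version tag (or an image digest) so that
    # upgrades are deliberate; this file was written for v2.0.
    image: traefik
    container_name: "traefik"
    ports:
      # The HTTP port
      - "80:80"
      # The HTTPS port
      - "443:443"
    secrets:
      - "ovh_endpoint"
      - "ovh_application_key"
      - "ovh_application_secret"
      - "ovh_consumer_key"
    environment:
      # The *_FILE variants point the OVH provider at the mounted secret files.
      - "OVH_ENDPOINT_FILE=/run/secrets/ovh_endpoint"
      - "OVH_APPLICATION_KEY_FILE=/run/secrets/ovh_application_key"
      - "OVH_APPLICATION_SECRET_FILE=/run/secrets/ovh_application_secret"
      - "OVH_CONSUMER_KEY_FILE=/run/secrets/ovh_consumer_key"
    networks:
      - traefik-public-net
    volumes:
      # Static configuration
      - /home/docker/traefik/traefik.toml:/etc/traefik/traefik.toml
      # So that Traefik can listen to the Docker events.
      # NOTE(review): `:ro` only protects the socket file itself; it does not
      # restrict which Docker API calls can be sent through it. A compromised
      # Traefik could still control the daemon. A filtering socket proxy that
      # exposes only the read endpoints narrows that exposure.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # ACME account key and certificate private keys; keep the host file at
      # mode 600 and out of backups that are shared.
      - /home/docker/traefik/acme.json:/etc/traefik/acme.json
      - /home/docker/traefik/traefik.log:/var/traefik.log
    labels:
      # labels to have access to the dashboard with digest auth
      - traefik.enable=true
      # HTTP router: only redirects to HTTPS
      - traefik.http.routers.traefikdashboard-http.rule=Host(`traefik.monndd.fr`)
      - traefik.http.routers.traefikdashboard-http.entrypoints=http
      - traefik.http.middlewares.httptohttps.redirectscheme.scheme=https
      - traefik.http.routers.traefikdashboard-http.middlewares=httptohttps
      # HTTPS router: serves the internal API/dashboard behind the auth middleware
      - traefik.http.routers.traefikdashboard-https.rule=Host(`traefik.monndd.fr`)
      - traefik.http.routers.traefikdashboard-https.entrypoints=https
      - traefik.http.routers.traefikdashboard-https.service=api@internal
      - traefik.http.routers.traefikdashboard-https.tls.certresolver=dnschallengeovh
      - traefik.http.routers.traefikdashboard-https.tls.domains[0].main=*.monndd.fr
      - traefik.http.routers.traefikdashboard-https.tls.domains[0].sans=monndd.fr
      - traefik.http.routers.traefikdashboard-https.middlewares=auth
      # NOTE(review): a digest entry (user:realm:hash) is password-equivalent
      # for digest authentication, so it should not live in a compose file or
      # be pasted publicly. Load it from a file with `digestauth.usersfile`
      # and change the password behind any entry that has been published.
      # The hash field below is 33 hex characters where an MD5 digest has 32;
      # verify the value, a malformed entry would make every login fail.
      - traefik.http.middlewares.auth.digestauth.users=admin:traefik:7b00c241efff5b8d4520e782459b90178
    restart: unless-stopped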
le docker compose de rtorrent-flood:
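# Compose file for rTorrent + Flood.
# The nesting below is restored from the flattened paste; the port mappings
# are quoted, every value is otherwise unchanged.
version: "3.3"

networks:
  traefik-public-net:
    external: true
  pirate-net:
    external: true

secrets:
  # secret name also used to name the file exposed within the container
  flood_secret:
    # path on the host
    file: /home/docker/rtorrent-flood/secrets/secret.secret

services:
  rtorrent:
    # NOTE(review): `new` is a mutable tag; pin a digest if the exact image
    # content matters.
    image: wonderfall/rtorrent-flood:new
    container_name: rtorrent-flood
    tty: true
    secrets:
      - flood_secret
    environment:
      - UID=1000
      - GID=1000
      # NOTE(review): the config.js shown on this page reads
      # process.env.FLOOD_SECRET and falls back to the literal 'secret'.
      # Unless the image's startup script loads this *_FILE variable into
      # FLOOD_SECRET, Flood runs with that well-known default. Verify inside
      # the container.
      - FLOOD_SECRET_FILE=/run/secrets/flood_secret
    volumes:
      - /home/docker/rtorrent-flood/flood-db:/flood-db
      - /smbshared/downloads:/data
    networks:
      - traefik-public-net
      - pirate-net
    ports:
      # Only the BitTorrent port is published on the host; the Flood UI
      # (port 3000) is reached through Traefik.
      - "49184:49184"
      - "49184:49184/udp"
    labels:
      # connect the container to traefik and define which network to use
      - traefik.enable=true
      - traefik.docker.network=traefik-public-net
      # enabling http
      - traefik.http.routers.rtorrent-http.rule=Host(`rtorrent.monndd.fr`)
      - traefik.http.routers.rtorrent-http.entrypoints=http
      # Define and use a middleware to force http to https
      - traefik.http.middlewares.httptohttps.redirectscheme.scheme=https
      - traefik.http.routers.rtorrent-http.middlewares=httptohttps
      # enabling https
      # NOTE(review): no authentication middleware is attached to this router,
      # so access control rests entirely on Flood's own login.
      - traefik.http.routers.rtorrent-https.rule=Host(`rtorrent.monndd.fr`)
      - traefik.http.routers.rtorrent-https.entrypoints=https
      # Certificate resolver and certificate names to use for tls
      - traefik.http.routers.rtorrent-https.tls.certresolver=dnschallengeovh
      - traefik.http.routers.rtorrent-https.tls.domains[0].main=*.monndd.fr
      - traefik.http.routers.rtorrent-https.tls.domains[0].sans=monndd.fr
      # Define what port to reach to access the container/service
      - traefik.http.routers.rtorrent-https.service=rtorrent_server_service
      - traefik.http.services.rtorrent_server_service.loadbalancer.server.port=3000
    restart: unless-stopped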
le docker compose de radarr :
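# Compose file for Radarr.
# The nesting below is restored from the flattened paste; values are unchanged.
version: "3.7"

networks:
  traefik-public-net:
    external: true
  pirate-net:
    external: true

services:
  radarr:
    # NOTE(review): untagged image, so `latest` is pulled; pin a version tag
    # or digest to make upgrades deliberate.
    image: linuxserver/radarr
    container_name: radarr
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Paris
    volumes:
      - /home/docker/radarr/config:/config
      - /smbshared/media/movies:/movies
      - /smbshared/downloads:/downloads
    networks:
      # traefik-public-net carries the proxied UI traffic; pirate-net is the
      # network shared with the other download-stack containers.
      - traefik-public-net
      - pirate-net
    labels:
      # connect the container to traefik and define which network to use
      - traefik.enable=true
      - traefik.docker.network=traefik-public-net
      # enabling http
      - traefik.http.routers.radarr-http.rule=Host(`radarr.monndd.fr`)
      - traefik.http.routers.radarr-http.entrypoints=http
      # Define and use a middleware to force http to https
      - traefik.http.middlewares.httptohttps.redirectscheme.scheme=https
      - traefik.http.routers.radarr-http.middlewares=httptohttps
      # enabling https
      # NOTE(review): no authentication middleware is attached to this router.
      # Unless authentication is enabled in Radarr's own settings, its UI and
      # API are reachable by anyone who can resolve this host name. Either
      # enable it there or put an auth middleware on this router.
      - traefik.http.routers.radarr-https.rule=Host(`radarr.monndd.fr`)
      - traefik.http.routers.radarr-https.entrypoints=https
      # Certificate resolver and certificate names to use for tls
      - traefik.http.routers.radarr-https.tls.certresolver=dnschallengeovh
      - traefik.http.routers.radarr-https.tls.domains[0].main=*.monndd.fr
      - traefik.http.routers.radarr-https.tls.domains[0].sans=monndd.fr
      # Define what port to reach to access the container/service
      - traefik.http.routers.radarr-https.service=radarr_server_service
      - traefik.http.services.radarr_server_service.loadbalancer.server.port=7878
    restart: unless-stopped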
Si j'inspecte le réseau pirate-net sur docker je vois bien les 3 containers :
et en rentrant dans le container rtorrent-flood j'arrive à pinger 172.26.0.4 et 172.26.0.3
[
{
"Name": "pirate-net",
"Id": "b4faf96ec36f8eaeea56c2246e792dbd569b219a20965b9f273bd5004796ecf0",
"Created": "2019-10-20T19:23:11.420443193Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.26.0.0/24"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"3751f4f89b04c8c3698e118ad3516261ee7bf371a710f491e55e79146fd9de43": {
"Name": "jackett",
"EndpointID": "72789d1240ddcdc7c96e8b1a0b2f3d22b34be57e84e3ba5e929cdd6d3034d7fd",
"MacAddress": "02:42:ac:1a:00:03",
"IPv4Address": "172.26.0.3/24",
"IPv6Address": ""
},
"3a425d751515d7c12ea4cfe8ccb277d15bb6d48683c2a5be197df52a331a836d": {
"Name": "radarr",
"EndpointID": "645e5833e2aa59350c1468e8e3a8305781cfeaea96aad29e2a5bbc3e4ffe6943",
"MacAddress": "02:42:ac:1a:00:04",
"IPv4Address": "172.26.0.4/24",
"IPv6Address": ""
},
"9476fe59c619c5b8c8a304ff3d65fd464864eae8b7aa1935907169eaabce53e7": {
"Name": "rtorrent-flood",
"EndpointID": "6513b2928f0fb9d35238f1b83a381298756ae724fe4fbd591e20b22fd267e403",
"MacAddress": "02:42:ac:1a:00:02",
"IPv4Address": "172.26.0.2/24",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
Aussi le fichier config.js dans container rtorrent/flood :
// Flood server settings, exported as a CommonJS module.
const CONFIG = {
  // Base path the UI is served under: WEBROOT from the environment, else '/'.
  baseURI: process.env.WEBROOT || '/',
  // 1000 * 60 * 60 = 3 600 000; presumably milliseconds (one hour), confirm.
  dbCleanInterval: 1000 * 60 * 60,
  dbPath: '/flood-db/',
  // Port the Flood web server listens on (the Traefik service label on this
  // page targets the same port).
  floodServerPort: 3000,
  maxHistoryStates: 30,
  // 1000 * 5 = 5 000; presumably milliseconds, confirm.
  pollInterval: 1000 * 5,
  // NOTE(review): falls back to the literal 'secret' when FLOOD_SECRET is
  // unset. The compose file on this page sets FLOOD_SECRET_FILE, which this
  // file does not read, so unless the image's startup script exports
  // FLOOD_SECRET the well-known default is in effect. Presumably this value
  // signs the session tokens; if so, a guessable value lets tokens be forged.
  // Verify the effective value inside the container.
  secret: process.env.FLOOD_SECRET || 'secret',
  scgi: {
    host: 'localhost',
    port: 5000,
    // With socket set to true, Flood presumably talks to rTorrent through the
    // Unix socket below and ignores host/port above (TODO confirm). In that
    // case no TCP SCGI port is listening for other containers to connect to.
    // rTorrent's SCGI interface has no authentication of its own: if it is
    // ever switched to TCP, keep it on the internal network only and never
    // publish the port.
    socket: true,
    socketPath: '/tmp/rtorrent.sock'
  }
};
module.exports = CONFIG;
et quand je teste différentes combinaisons de paramètres (ports 3000/5000/49184, Host localhost, rtorrent-flood ou 172.26.0.2, et différents url path : /, RPC2), rien ne marche : j'ai différents types d'erreur mais rien ne passe le test.
Je suis complètement perdu, si quelqu'un a une idée ? Je suis très très très preneur !