5

I have a VPS on Scaleway where I am running docker and I am trying to make Let's Encrypt work with Traefik. This is my traefik.toml:

defaultEntryPoints = ["http", "https"]
debug = true
logLevel = "DEBUG"

[web]
  address = ":8080"
    [web.auth.basic]
    users = ["admin:$apr1$CXbUFy59$gnQY50uMvzc3Q5tnhA2ZZ."]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
      entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

[retry]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "viatecnologia.it"
watch = true
exposedbydefault = false

[acme]
email = "admin@viatecnologia.it"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
  [acme.dnsChallenge]
  provider = "ovh"
  delayBeforeCheck = 0
onDemand = false

[[acme.domains]]
  main = "viatecnologia.it"
  sans = ["www.viatecnologia.it"]
  sub = "monitor.viatecnologia.it"

And here is my docker-compose:

version: "3"

services:
  traefik:
    container_name: traefik
    image: traefik
    volumes:
      - $PWD/traefik.toml:/etc/traefik/traefik.toml
      - $PWD/acme.json:acme.json
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      - "80:80"
      - "443:443"
    labels:
      - traefik.frontend.rule=Host:monitor.viatecnologia.it
      - traefik.port=8080
    environment:
      - OVH_ENDPOINT=ovh-eu
      - OVH_APPLICATION_KEY=fdfdsfa
      - OVH_APPLICATION_SECRET=fdsafsafda
      - OVH_CONSUMER_KEY=fdasfasdfa
    networks:
      - proxy


networks:
  proxy:
external: true

When I run docker-compose up I get this error

traefik    | time="2018-01-31T21:08:25Z" level=info msg="Server configuration reloaded on :443"
traefik    | time="2018-01-31T21:08:25Z" level=info msg="Server configuration reloaded on :80"
traefik    | time="2018-01-31T21:08:25Z" level=info msg="Server configuration reloaded on :8080"
traefik    | Error when call OVH api to add record : "Error 403: \"This credential does not exist\""
traefik    | Error when call OVH api to add record : "Error 403: \"This credential does not exist\""
traefik    | time="2018-01-31T21:08:33Z" level=error msg="map[viatecnologia.it:Error presenting token: Error 403: "This credential does not exist" www.viatecnologia.it:Error presenting token: Error 403: "This credential does not exist"]"
traefik    | time="2018-01-31T21:08:33Z" level=error msg="Error getting ACME certificate for domain [viatecnologia.it www.viatecnologia.it]: cannot obtain certificates map[viatecnologia.it:Error presenting token: Error 403: "This credential does not exist" www.viatecnologia.it:Error presenting token: Error 403: "This credential does not exist"]"
traefik    | time="2018-01-31T21:08:33Z" level=info msg="Retrieved ACME certificates"
traefik    | time="2018-01-31T21:08:33Z" level=info msg="Testing certificate renew..."

I created an app on https://eu.api.ovh.com/createApp/ but it tells me the credentials doesn't exist. I create the token like in their tutorial Did I forget something?

Any help?

GhzNcl
  • 149
  • 1
  • 4
  • 13
  • I changed the traefik.toml [acme.dnsChallenge] to manual. At some point it started working but then it stopped again. Now I get this logs from traefik: – GhzNcl Feb 01 '18 at 13:46
  • traefik | time="2018-02-01T13:44:31Z" level=info msg="Retrieved ACME certificates" traefik | time="2018-02-01T13:44:31Z" level=info msg="Testing certificate renew..." – GhzNcl Feb 01 '18 at 13:46
  • Instead of https://eu.api.ovh.com/createApp/, try to use: https://eu.api.ovh.com/createToken/ In the first one, you create an app but afterward you have to generate credentials for this app. With the 2nd one, you create both app & token at the same time. It will be easier for your use case – Pierre Jun 01 '23 at 14:28

0 Answers0