Discussion - Traefik problem on main domain | PlexGuide.com

Discussion Traefik problem on main domain

  • Stop using Chrome! Download the Brave Browser via >>> [Brave.com]
    It's a forked version of Chrome with native ad-blockers and Google's spyware stripped out! Download for Mac, Windows, Android, and Linux!
Welcome to the PlexGuide.com
Serving the Community since 2016!
Register Now

vapzombi

Citizen
Original poster
Donor
Apr 14, 2020
11
4
Hello

I set up PG last week its been great but ive hit a few problems when i setup traefik it will only connect to sub.domains

if i tried to go to my main domain address name then i get security warning about hsts & https

i tried redeploying and that broke everything i hit the 5 times a week limit so ended up getting another domain which i have used 3 goes on i think this week

i made sure all details are correct i am using a godaddy domain and i added api secret and key

both domains have acted the same way i[e main domain name not working but sub domains ok

I got in a mess after trying to redeploy and the only way i got sub domains to work again was to delete treafik appdata that seems to have got me back to sub domains working

since then i had isvues with certain apps for instance ombi will no longer run i can try to install it and everything reports ok but the docker will not run

i got over by installing ombihdr

i also tried to install Nextcloud today and that acts the same way everything looks ok when installing it gets to the point of reporting its installed and showing me a url access address

but no docker is running if i go straight back into PG Box and go to 3 to remove there will be no nextcloud to uninstall as nothing is running

Any suggestions or help anyone can give would be great Thanks

i am using PlexGuide on a remote herzner dedicated server

im not sure where the logs are atm but if you want me to post any just tell me where to get them

thanks

edit i run nextcloud install again and saw this error this time
fatal: [127.0.0.1]: FAILED! => {"changed": false, "msg": "Bind addresses for published ports must be IPv4 or IPv6 addresses, not hostnames. Use the dig lookup to resolve hostnames. (Found hostname: 127.0.0.0.1)"}

PLAY RECAP *********************************************************************
127.0.0.1 : ok=32 changed=16 unreachable=0 failed=1 skipped=10 rescued=0 ignored=0

is this anything to do with the treafik error ?
 
Last edited:

bodgeup

Experienced
Staff
FreeLancer
Donor
Aug 12, 2018
96
32
What TLD app have you setup in Traefik?? Some apps do have a couple of docker ENV value bugs! Traefik uses ENV values set via the docker YML files. I had a problem with Muximux :-
1587403703966.png
Look in portainer on your set TLD app and scroll down till you find these values, the apps get a "traefik.frontend.rule" setting there own subdomains but the TLD app must have 2 values one being "host:yourdomain.com," and another after "appname.yourdomain.com" but some apps seem to have this value repeated! not all apps but some do for some reason and ive not had time to check the code so far. If your TLD app has this repeated value e.g "appname.yourdomain.com,appname.yourdomain.com" then you need to edit this container to set the correct value "yourdomain.com,appname.yourdomain.com" set that value as per this last example and your TLD app should work properly as well as all your subdomains. But you wont get a valid cert until your rate limit has elapsed!

Also what provider are you using for dns?? Cloudflare I use and had to set up my records manually, an A record for yourdomain.com and then cname for your apps appname.yourdomain.com. But others work with the Treafik API better and in those instances you only need to set the A record and a Cname for portainer.yourdomain.com.

Anyway let me know if this was of any use to you!

Talk later all,
 

vapzombi

Citizen
Original poster
Donor
Apr 14, 2020
11
4
Hello bodge up

thanks for your reply :) im still using portainer i did try and swap to heimdall that also failed so i when back to portainer

i purchased a godaddy domain name to try and make life as easy as possible i ended up buying 2 as i ran out of chances on the first (i think) and did not want to wait a week
i choose the best value name they had for sale which did not get a yearly price raise it was a .de name so it matched the herzner server !

i just checked portainer for the frontend.rule

it has 3 rules
Host:---------portainer.my-go-daddy-domain.de,my-go-daddy-domain.de.www.my-go-daddy-domain
i added the --------- after host otherwise you get a :p face

it works at portainer.my-go-daddy-domain.de
it fails at my-go-daddy-domain.de
edit
i whet to my control panel and saw an entry for www. as an A record im not sure where that came from so i deleted it and made sure only a record was a * wildcare pointing to my server ip
i then destroyed traefik and rerun but still get same trouble only sub domains work and i still have www. attached to portainer would that make a trouble ? i never had www. on my first go daddy domain but still had TLD error
Post automatically merged:

I just registered one of my non godaddy domain names to cloudflare so maybe i can give that a try in a weeks time i think my godaddy names should be reset by then so i could always swap back to them at the worst

it seems to be if i delete the traefik appdata i can get back to working sub domains to keep the basics working deleting
i remove a couple of old containers in portainer that fixed ombi so its just nextcloud now which i guess might be to do with my treafik issue
 
Last edited:

bodgeup

Experienced
Staff
FreeLancer
Donor
Aug 12, 2018
96
32
OK Godaddy I have my domains on too but Cloudflare i use as its a great CDN, but Godaddy's API works much better so might be easier to stick with that to start with. With godaddy you need an A record for value @ and target - you Plexguide instance IP, then you need a CNAME with value PORTAINER and target @ that will be all you need with godaddy API as traefik will create the other CNAME records for your so stick with that till you have it working. Next do you have a firewall on your VPS?? you must have port 80 and 443 open to the internet pointing to your internal IP!! Firewalls can get in the way in regards to the ACME bot. Could you post the portainer traefik logs for me pls id like to see what error your getting? the ACME Letsencrypt bot has several rate limits, I guess you have hit an IP rate limit as you have tried deploying Traefik so many times now so that means you will have to wait a week to be able to get a new cert as its not just done by your Domain name its also dont by your Public IP address too so using another Domain name if you have hit your IP rate limit wont work. So post your portainer logs. When you changed that ENV variable for your TLD app "portainer" is best to set as your TLD till your Certs right: -
traefik.frontend.ruleHost:mydomain.ml,muximux.mydomain.ml
When did you change that value as per my post?? You only change that variable after traefik has been deployed and your SSL cert is working ok!! Portainer generally does work as its supposed to as you TLD and on its own Subdomain name! But yeah get the ACME Cert bot working first then work on your TLD app problems! Thats what i set my TLD too when traefik finished and showed as deployed and not deployed incorrectly

Also could you post your Portainers ENV varibiles for me marking out your actual domain name but not so much i cant make sense of what its set too pls?

Ill be able to help more once ive seen it, Im going to suggest a change to the traefik container as there is a value that can be added to the Traefik.toml called Debug mode or "debug = true" its what you can use for testing Traefik so that you dont hit those rate limits. But anyway get me that info and ill see if i can get you sorted!
 
Last edited:

vapzombi

Citizen
Original poster
Donor
Apr 14, 2020
11
4
Thanks for your help bodge up

thats great info and ive just bookmarked the page for my next try but after reading the forum i am thinking of changing my plans
i have just realized what everyone is doing with gsuite and unlimited space i never realized this was possible

so my idea now is to ditch this old server i got at herzner auction its a o i7-4700 with 2 6gb drives which sounded quite big for a private media server at the time but now i see folks here talking about 200tb collections

i was reading the forum last night so decided to get a better newer model server

| am thinking of the herzner i7-8700 with 2 8tb drives and a 1tb ssd nvme but i wanted to know about drives i was going to get a 2 8tb sata drive for seeding torrents and a 1tb sata nvme for plexguide. Is this the best way to go with storage for seeding ?
When i use automatic type apps like radarr & sonarr i only use usenet
I only use torrents for manual downloads i am a member of torrent-leech private trackers so i want to seed torrents back for as long as possible

any thoughts you have would be brilliant ive been reading the forum and it seems to be an easier life to get things right from the start

I was going to get the 12$ gsuite but im a little unsure of what you need to qualify for team drive will my 1 business gsuite be ok for tdrive or am i missing something as i saw in the wiki that it was mentioned that tdrive costs more than gdrive ? but i cant find any more information on what you need for tdrive ? It seems its a part of gsuite business ? or do you need 5 people to use tdrive ?

any tips or advice anyone can give would be really appreciated

sorry i changed subjects away from treafik i just trying to get things right this time around :)

thanks dave
Post automatically merged:

i am not going to redeploy on this server now

i never thought about the ip oh well hopefully next try i get it right i think the info you gave will help me out alot i im sure its something i did wrong i never had a portainer cname set

thanks again for your help i may well be back in a weeks time but hopefully not
Post automatically merged:

Hello

Got there with new machine

i ended up adding

@ at my ip address
* at my ip address
and a portainer cname

i edited my portainer container to try and remove the www. but when i redeployed it was added back so looks like you have sent up www.


traefik.frontend.ruleHost:portainer.mydomain.de,mydomain.de,www.mydomain.de

The deploy still failed it worked only on subdomains so i checked the traefik logs which said about incorrect txt record

i whet back to godaddy and removed the txt record then redeployed and it worked !!!!!!!!!!! happy at last :)

after this i decided to make heimdall my TLD i then hit the error you said above

traefik.frontend.rule = Host: heimdall.mydomain.de,heimdall.mydomain.de

so i edited this to remove the double entry and then heimdall worked as TLD i remove the heimdall. on the second entry

thanks for your help
 
Last edited:

bodgeup

Experienced
Staff
FreeLancer
Donor
Aug 12, 2018
96
32
Yeah cloudflare API seems broken! same storey with other provider options but yes Godaddy API does seem fine still! That TXT record error is the DNS verification failure! Traefik using acme cert bot uses DNS verification here so the API is supposed to add the needed TXT record to the set provider for the cert verification to work so the cert is issued from LE!

So im glad to hear u sorted it but ur TLD does it now still work for both FQDN's yeah?? Whatever the case if the Provider API works then traefik does do the rest for u so sorry wasnt around recently but ive got some time this weekend free to read here again!.

Talk soon.
 

vapzombi

Citizen
Original poster
Donor
Apr 14, 2020
11
4
hi

Its strange but i had real trouble with godaddy i ended up with 2 domains names and only got it working once for whole TLD rest of time it would only work with sub domains

but then i swapped to a domain name i registered with cloudflare

i used api = global cloudflare api
email = my cloudflare username email
i used A record pointing to my ip
and a cname for each docker

and since then i've had no troubles :)
 

bodgeup

Experienced
Staff
FreeLancer
Donor
Aug 12, 2018
96
32
Well main thing is its working , i too use Cloudflare nowdays just for its CDN and firewall features that do help with cloud servers. I am going to see if i can do some debug testing on the plexguide traefik container if i have time too as it was designed to use the provider you use api's!! When i first started with Plexguide you only had to setup an A record to your IP then a Cname record for portainer and the API did the rest which was to add the CNAME records in when you installed a new app in plexguide but it seems that broke a while ago now lol. It just where the API's change all the time but yes as long as you add a CNAME in manually for every app you intend to use you shouldnt see any issues as the Cert should now autorenew, but keep an eye on that part but as long as the traefik acme bot has already verified the domain name in use it shouldnt be a problem. But yes follow the WiKi to the letter as its exactly what i started out using!! If your TLD app fqdn's are now working that shouldnt cause anymore issues either as the container values shouldnt need to change again unless you intend to change the TLD app which again just keep an eye on those portainer ENV values on the containers.

Have fun!!
 

Recommend NewsGroups

      Up To a 58% Discount!

Trending