Use Traefik to generate Let's Encrypt certificates

Krautmaster

Explorer
Joined
Apr 10, 2017
Messages
81
Hi @truecharts and others. Thx for this awesome support.

I'm currently stuck with Traefik on TrueNAS SCALE. Still trying to generate my cert and I always get the response
1669058284060.png

1669058536734.png


In Cloudflare I can see how an ACME TXT pops up and then is gone very soon after the fault
1669058336254.png


What am I doing wrong? Actually, Traefik is already running on the NAS and I forwarded my router's ports 80 / 443 to that NAS. Web GUI is on 81 and 444, Traefik is listening on 80/443.
But I really can't say if this is the reason for the error creating a wildcard cert?

As you might see, I also have the krautmaster.de domain and strangely I was able to get a cert yesterday after billions of tries, but can't say how. Maybe I removed Traefik that time from the Apps on my TrueNAS SCALE, but well, it must be able to create and renew a cert with Traefik running, right?

Any ideas? Thx in advance.
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
In Cloudflare I can see how an ACME TXT pops up and then is gone very soon after the fault
But Cloudflare isn't your DNS host. Why are you trying to update with them?
Code:
 dan@Dan-Mac-Mini-2  ~  dig ns krautmaster.eu

; <<>> DiG 9.10.6 <<>> ns krautmaster.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44250
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;krautmaster.eu.            IN    NS

;; ANSWER SECTION:
krautmaster.eu.        150    IN    NS    docks12.rzone.de.
krautmaster.eu.        150    IN    NS    shades07.rzone.de.

;; Query time: 732 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Nov 21 14:24:23 EST 2022
;; MSG SIZE  rcvd: 96
 

Krautmaster

The domain is from Strato, where I entered both Cloudflare DNS servers for that domain.
I also use the Cloudflare dyndns app in my TrueNAS SCALE and as per that log it updates my Cloudflare DNS entries successfully.
As the domain is half a day old and the setting in Strato may take a while... Could it be the reason?

Thx for your support
 

danb35

As the domain is half a day old and the setting in Strato may take a while... Could it be the reason?
It could be. The bottom line is that if you're going to try to validate domain ownership through Cloudflare's DNS servers, those need to be authoritative for your domain. They weren't at the time of my last post, but it appears they are now:
Code:
 dan@Dan-Mac-Mini-2  ~  dig ns krautmaster.eu

; <<>> DiG 9.10.6 <<>> ns krautmaster.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62525
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;krautmaster.eu.            IN    NS

;; ANSWER SECTION:
krautmaster.eu.        86400    IN    NS    jake.ns.cloudflare.com.
krautmaster.eu.        86400    IN    NS    sara.ns.cloudflare.com.

;; Query time: 437 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Nov 21 16:33:38 EST 2022
;; MSG SIZE  rcvd: 98
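
Added example, not part of danb35's post or the thread: a pre-flight check that reads `dig ns` output and confirms every NS record is under the DNS provider the ACME client will update, before a DNS-01 attempt is made. The function names are hypothetical; the two samples are the ANSWER SECTIONs quoted in the answers above.

```shell
#!/bin/sh
# ns_targets: read `dig ns <zone>` output on stdin and print the NS hostnames
# from the ANSWER SECTION, lowercased and without the trailing dot.
ns_targets() {
    awk '
        /^;; ANSWER SECTION:/   { in_answer = 1; next }
        /^;;/ || /^$/           { in_answer = 0 }
        in_answer && $4 == "NS" { h = tolower($5); sub(/\.$/, "", h); print h }
    '
}

# delegation_matches <provider-suffix>: dig output on stdin.
# Returns 0 if every NS is under the suffix, 1 if any NS is elsewhere,
# 2 if the answer holds no NS records at all (wrong name, NXDOMAIN, ...).
delegation_matches() {
    suffix=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    hosts=$(ns_targets)
    if [ -z "$hosts" ]; then
        echo "no NS records in answer" >&2
        return 2
    fi
    rc=0
    for host in $hosts; do
        case "$host" in
            *".$suffix") ;;
            *) echo "NS $host is not under $suffix" >&2; rc=1 ;;
        esac
    done
    return "$rc"
}

# Samples copied from the two dig runs in this thread.
BEFORE=';; ANSWER SECTION:
krautmaster.eu.        150    IN    NS    docks12.rzone.de.
krautmaster.eu.        150    IN    NS    shades07.rzone.de.

;; Query time: 732 msec'
AFTER=';; ANSWER SECTION:
krautmaster.eu.        86400    IN    NS    jake.ns.cloudflare.com.
krautmaster.eu.        86400    IN    NS    sara.ns.cloudflare.com.

;; Query time: 437 msec'

# Live use: dig ns krautmaster.eu | delegation_matches ns.cloudflare.com
# A recursive resolver may serve a cached NS set until its TTL expires.
printf '%s\n' "$BEFORE" | delegation_matches ns.cloudflare.com || echo "before: TXT records written at Cloudflare are not what validators query"
printf '%s\n' "$AFTER" | delegation_matches ns.cloudflare.com && echo "after: Cloudflare is authoritative, DNS-01 can work"
```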
 

Krautmaster

Will retry and report. Thanks :)

Edit: Looking good.
1669067381710.png


Btw: is it normal that catalog sync takes half an hour or more for TrueCharts?
1669067511527.png


Will dig into it, but I rebooted as it was unusably slow, but that may have many causes. Maybe wrong thread anyway.
 