DNSPOD

  1. 登录官网
  2. 在控制台中打开安全设置

MX00l8.png

  1. 点击密钥管理

UTOOLS1574606638858.png

  1. 点击创建密钥

UTOOLS1574607218750.png

  1. 把密钥信息(id和token)保存下来(包括但不限于截图、复制到文本文件等手段, 随你喜欢)

  2. 把id和token组合而成的login token填入到traefik的环境变量中

    version: '3'
       
    networks:
      traefik:
       
    services:
      traefik:
        # The official v2.0 Traefik docker image
        image: traefik:v2.0.4
        restart: always
        container_name: traefik
        networks:
          - traefik
        ports:
          # The HTTP port
          - "80:80"
          # The Web UI
          - "8080:8080"
          - "443:443"
        expose:
          - 8080
        environment:
          # DNSPOD
          - DNSPOD_API_KEY=126408,fb4d4667270f6e6b216cfe9a527bca76
       
        volumes:
          # docker
          - "/var/run/docker.sock:/var/run/docker.sock:ro"
          # config
          - "./traefik.yml:/etc/traefik/traefik.yml"
          - "./dynamic.yml:/etc/traefik/dynamic.d/dynamic.yml"
          # log
          - "./log:/data/traefik/log/"
          # https
          - "./ca/:/data/traefik/ca/"
    

    这一步我要说一下, 理论上来说, 这样应该是可以的了, 因为我用curl测试的话是可以访问的

    curl -X POST https://dnsapi.cn/Domain.List -d 'login_token=126408,fb4d4667270f6e6b216cfe9a527bca76&format=json'
       
    {"status":{"code":"1","message":"Action completed successful","created_at":"2019-11-24 22:58:30"},"info":{"domain_total":1,"all_total":1,"mine_total":"1","share_total":"0","vip_total":"0","ismark_total":"0","pause_total":"0","error_total":"0","lock_total":"0","spam_total":"0","vip_expire":0,"share_out_total":0},"domains":[{"id":64856337,"status":"enable","grade":"DP_Free","group_id":"1","searchengine_push":"yes","is_mark":"no","ttl":"600","cname_speedup":"disable","remark":"","created_on":"2018-03-09 18:06:05","updated_on":"2018-03-10 14:16:52","punycode":"alexc.cn","ext_status":"","src_flag":"QCLOUD","name":"alexc.cn","grade_title":"\u65b0\u514d\u8d39\u5957\u9910","is_vip":"no","owner":"[email protected]","records":"13"}]}%
    

    而且我翻过源码, 发现traefik的ACME是引用了lego实现的, 而lego则是引用了dnspod-go来实现对dnspod的相关API操作, 而且我也跑过一下这个的源码, 是可以解析的, 但就是在traefik上不行, 会报无法解析/解析错误之类的错, 而我在考虑到后面会用CLOUDFLARE的DNS来解析我的域名, 我也就没深究下去了. 如果有人愿意研究一下的话, 可以看看是什么情况.

CLOUDFLARE

注意: 这里需要你在CLOUDFLARE里已经有一个可用的域名

  1. 登录官网
  2. 进入profile

UTOOLS1574609001336.png

  1. 点击API Tokens

MX0ywj.png

  1. 点击Create Token, 并选择Start with a template这个radio button

UTOOLS1574609451662.png

UTOOLS1574609481049.png

  1. 选择Edit DNS Zone这个模板

UTOOLS1574609551992.png

  1. 为这个token选择要应用的目标域名

UTOOLS1574609726095.png

  1. 然后点下一步、再点下一步,就会出现你要的token

MXwIII.png

  1. 将这个用于DNS的token填入环境变量中的API token
version: '3'

networks:
  traefik:

services:
  traefik:
    # The official v2.0 Traefik docker image
    image: traefik:v2.0.4
    restart: always
    container_name: traefik
    networks:
      - traefik
    ports:
      # The HTTP port
      - "80:80"
      # The Web UI
      - "8080:8080"
      - "443:443"
    expose:
      - 8080
    environment:
      # CLOUDFLARE
      - [email protected]
      - CF_API_KEY=xxxxxxxxxxxxxxxx
      - CF_DNS_API_TOKEN=GXdy_q3t-Ea__SiRyjFCWuurA3bHVKgKijBOv9AX

    volumes:
      # docker
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      # config
      - "./traefik.yml:/etc/traefik/traefik.yml"
      - "./dynamic.yml:/etc/traefik/dynamic.d/dynamic.yml"
      # log
      - "./log:/data/traefik/log/"
      # https
      - "./ca/:/data/traefik/ca/"

  1. 再点击一下这里回到token管理页

MXwTit.png

  1. 点击这里你就可以看到CF_API_KEY这个环境变量对应的key了

image-20191124234207023

image-20191124234318074.png