1.8 KiB
1.8 KiB
| description |
|---|
| Debug and fix Traefik routing issues where the wrong app (e.g., Alertmanager) is served, indicating an upstream DNS/Cloudflare Wildcard conflict. |
Debugging DNS & Routing Conflicts (The Wildcard Trap)
If a subdomain (e.g., 777wolfpack.runfoo.run) is serving the wrong application (like Alertmanager) and Traefik logs show NO activity for that domain, you are likely hitting a Cloudflare Wildcard Fallback.
Diagnosis Steps
-
Check Traefik Logs:
docker logs traefik --tail 50If you see requests for the domain, it's a local Traefik config issue. If you see ZERO requests, traffic is not reaching this server. -
Verify DNS:
host 777wolfpack.runfoo.runCompare the returned IP with the server's public IP.- Match: Routing issue is local.
- Mismatch: You are hitting a Wildcard (
*) record pointing to a different server.
-
Run the Server Matrix: Use this script to audit exactly what the server thinks it is doing.
#!/bin/bash # map_server.sh echo "=== OPERATIONAL MATRIX ===" echo "[1] NATIVE PORTS (Who owns 80/443?)" sudo ss -tulpn | grep -E ':80|:443' echo "" echo "[2] VIRTUAL_HOST (Nginx Proxy Check)" docker ps -q | xargs docker inspect --format '{{.Name}} {{range $e := .Config.Env}}{{if ge (len $e) 12}}{{if eq (slice $e 0 12) "VIRTUAL_HOST"}} {{$e}} {{end}}{{end}}{{end}}' echo "" echo "[3] TRAEFIK ROUTERS" docker ps -q | xargs docker inspect --format '{{.Name}} {{range $k, $v := .Config.Labels}}{{if or (eq $k "traefik.http.routers.wolfpack-frontend.rule") (eq $k "traefik.http.routers.aspirant-dashboard.rule")}}{{$k}}={{$v}}{{end}}{{end}}'
The Fix
- Go to Cloudflare DNS.
- Add a specific A Record for the missing subdomain.
- Point it to the Correct Server IP.
- Wait 1 minute.