I need to setup VPS as that is the need of the day for us. As we want to host multiple instances of ERPNext.
Anyways while trying to debug the problem I reset my VPS and did the whole process again. During the process I found that after the step on installing Traefik…
logs for containers mainly frontend and backend. (docker logs <container-name>). Note: replace <container-name> with name of container
logs for all other containers
Yes it can be done. You need to understand the configuration to do that.
To access by IP address refer file pwd.yml. Serve frontend on port 80 only. i.e. instead of 8080:8080 make it 80:8080.
Later if you need multiple sites then you’ll need to add as many frontend services(s) with FRAPPE_SITE_NAME_HEADER env var set to the site created. Publish ports of this service and that site will be served on the port published. e.g. frontend published on port 8080:8080, frontend-one published on port 8081:8080.
I don’t think it is possible for anyone to do all this without any prior docker experience.
Accessing web apps over non https is not recommended.
docker ps
CONTAINER ID IMAGE COMMAND CREATE D STATUS PORTS NAMES
ef4aa50a9b2d frappe/erpnext-nginx:v13.35.2 "/docker-entrypoint.…" 35 min utes ago Up 35 minutes 8080/tcp erpnext-one-frontend-1
316037aeb61c frappe/erpnext-worker:v13.35.2 "bench worker --queu…" 35 min utes ago Up 35 minutes erpnext-one-queue-default-1
2e0e84ec558d frappe/erpnext-worker:v13.35.2 "bench schedule" 35 min utes ago Up 35 minutes erpnext-one-scheduler-1
445c95fbac7a frappe/erpnext-worker:v13.35.2 "bench worker --queu…" 35 min utes ago Up 35 minutes erpnext-one-queue-long-1
46d0ced8474b frappe/erpnext-worker:v13.35.2 "/home/frappe/frappe…" 35 min utes ago Up 35 minutes erpnext-one-backend-1
3788c5cb11fd frappe/erpnext-worker:v13.35.2 "bench worker --queu…" 35 min utes ago Up 35 minutes erpnext-one-queue-short-1
93512af97964 frappe/frappe-socketio:v13.35.2 "docker-entrypoint.s…" 35 min utes ago Up 35 minutes erpnext-one-websocket-1
f0736ba01dfa redis:6.2-alpine "docker-entrypoint.s…" 35 min utes ago Up 35 minutes 6379/tcp erpnext-one-redis-1
03af624a6d20 mariadb:10.6 "docker-entrypoint.s…" 41 min utes ago Up 41 minutes (healthy) 3306/tcp mariadb-database
7228c21f910f traefik:v2.6 "/entrypoint.sh --pr…" 44 min utes ago Up 44 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp traefik-traefik-1
Below are is the output that I manage to get using the command docker ps -q | xargs -L 1 docker logs
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/frappe-entrypoint.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
20-envsubst-on-templates.sh: Running envsubst on /etc/nginx/templates/default.conf.template to /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2022/07/17 06:20:56 [notice] 1#1: using the "epoll" event method
2022/07/17 06:20:56 [notice] 1#1: nginx/1.23.0
2022/07/17 06:20:56 [notice] 1#1: built by gcc 11.2.1 20220219 (Alpine 11.2.1_git20220219)
2022/07/17 06:20:56 [notice] 1#1: OS: Linux 5.15.0-25-generic
2022/07/17 06:20:56 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/07/17 06:20:56 [notice] 1#1: start worker processes
2022/07/17 06:20:56 [notice] 1#1: start worker process 38
2022/07/17 06:20:56 [notice] 1#1: start worker process 39
2022/07/17 06:20:56 [notice] 1#1: start worker process 40
2022/07/17 06:20:56 [notice] 1#1: start worker process 41
06:20:55 Worker rq:worker:73be38900c124401b298849f2314c18d.316037aeb61c.7.default: started, version 1.8.1
06:20:55 Subscribing to channel rq:pubsub:73be38900c124401b298849f2314c18d.316037aeb61c.7.default
06:20:55 *** Listening on default...
06:20:55 Cleaning registries for queue: default
06:47:55 Cleaning registries for queue: default
06:20:55 Worker rq:worker:8763475aafaf406bb2667d5e1965c4d3.445c95fbac7a.7.long: started, version 1.8.1
06:20:55 Subscribing to channel rq:pubsub:8763475aafaf406bb2667d5e1965c4d3.445c95fbac7a.7.long
06:20:55 *** Listening on long...
06:20:55 Cleaning registries for queue: long
06:47:56 Cleaning registries for queue: long
[2022-07-17 06:20:55 +0000] [1] [INFO] Starting gunicorn 20.1.0
[2022-07-17 06:20:55 +0000] [1] [INFO] Listening at: http://0.0.0.0:8000 (1)
[2022-07-17 06:20:55 +0000] [1] [INFO] Using worker: gthread
[2022-07-17 06:20:55 +0000] [6] [INFO] Booting worker with pid: 6
[2022-07-17 06:20:55 +0000] [7] [INFO] Booting worker with pid: 7
06:20:55 Worker rq:worker:8b2d58ed35ec4e9f81f89ec13fec9ec7.3788c5cb11fd.7.short: started, version 1.8.1
06:20:55 Subscribing to channel rq:pubsub:8b2d58ed35ec4e9f81f89ec13fec9ec7.3788c5cb11fd.7.short
06:20:55 *** Listening on short...
06:20:55 Cleaning registries for queue: short
06:47:56 Cleaning registries for queue: short
listening on *: 9000
1:C 17 Jul 2022 06:20:51.611 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 17 Jul 2022 06:20:51.611 # Redis version=6.2.7, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 17 Jul 2022 06:20:51.611 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 17 Jul 2022 06:20:51.612 * monotonic clock: POSIX clock_gettime
1:M 17 Jul 2022 06:20:51.613 # A key '__redis__compare_helper' was added to Lua globals which is not on the globals allow list nor listed on the deny list.
1:M 17 Jul 2022 06:20:51.613 * Running mode=standalone, port=6379.
1:M 17 Jul 2022 06:20:51.613 # Server initialized
1:M 17 Jul 2022 06:20:51.613 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 17 Jul 2022 06:20:51.613 * Ready to accept connections
1:M 17 Jul 2022 06:24:36.789 * 10000 changes in 60 seconds. Saving...
1:M 17 Jul 2022 06:24:36.790 * Background saving started by pid 15
15:C 17 Jul 2022 06:24:36.796 * DB saved on disk
15:C 17 Jul 2022 06:24:36.796 * RDB: 0 MB of memory used by copy-on-write
1:M 17 Jul 2022 06:24:36.891 * Background saving terminated with success
1:M 17 Jul 2022 06:29:37.023 * 100 changes in 300 seconds. Saving...
1:M 17 Jul 2022 06:29:37.027 * Background saving started by pid 16
16:C 17 Jul 2022 06:29:37.035 * DB saved on disk
16:C 17 Jul 2022 06:29:37.035 * RDB: 0 MB of memory used by copy-on-write
1:M 17 Jul 2022 06:29:37.129 * Background saving terminated with success
1:M 17 Jul 2022 06:34:38.022 * 100 changes in 300 seconds. Saving...
1:M 17 Jul 2022 06:34:38.023 * Background saving started by pid 17
17:C 17 Jul 2022 06:34:38.034 * DB saved on disk
17:C 17 Jul 2022 06:34:38.034 * RDB: 0 MB of memory used by copy-on-write
1:M 17 Jul 2022 06:34:38.124 * Background saving terminated with success
2022-07-17 06:14:51+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.6.8+maria~focal started.
2022-07-17 06:14:51+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2022-07-17 06:14:51+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.6.8+maria~focal started.
2022-07-17 06:14:51+00:00 [Note] [Entrypoint]: Initializing database files
PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !
To do so, start the server, then issue the following command:
'/usr/bin/mysql_secure_installation'
which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.
See the MariaDB Knowledgebase at https://mariadb.com/kb
Please report any problems at https://mariadb.org/jira
The latest information about MariaDB is available at https://mariadb.org/.
Consider joining MariaDB's strong and vibrant community:
https://mariadb.org/get-involved/
2022-07-17 06:14:52+00:00 [Note] [Entrypoint]: Database files initialized
2022-07-17 06:14:52+00:00 [Note] [Entrypoint]: Starting temporary server
2022-07-17 06:14:52+00:00 [Note] [Entrypoint]: Waiting for server startup
2022-07-17 6:14:52 0 [Note] mariadbd (server 10.6.8-MariaDB-1:10.6.8+maria~focal) starting as process 107 ...
2022-07-17 6:14:52 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2022-07-17 6:14:52 0 [Note] InnoDB: Number of pools: 1
2022-07-17 6:14:52 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2022-07-17 6:14:52 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
2022-07-17 6:14:52 0 [Note] InnoDB: Using Linux native AIO
2022-07-17 6:14:52 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
2022-07-17 6:14:52 0 [Note] InnoDB: Completed initialization of buffer pool
2022-07-17 6:14:52 0 [Note] InnoDB: 128 rollback segments are active.
2022-07-17 6:14:52 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2022-07-17 6:14:52 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2022-07-17 6:14:52 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2022-07-17 6:14:52 0 [Note] InnoDB: 10.6.8 started; log sequence number 41361; transaction id 14
2022-07-17 6:14:52 0 [Note] Plugin 'FEEDBACK' is disabled.
2022-07-17 6:14:52 0 [Warning] 'user' entry 'root@03af624a6d20' ignored in --skip-name-resolve mode.
2022-07-17 6:14:52 0 [Warning] 'proxies_priv' entry '@% root@03af624a6d20' ignored in --skip-name-resolve mode.
2022-07-17 6:14:52 0 [Note] mariadbd: ready for connections.
Version: '10.6.8-MariaDB-1:10.6.8+maria~focal' socket: '/run/mysqld/mysqld.sock' port: 0 mariadb.org binary distribution
2022-07-17 6:14:53 3 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2022-07-17 06:14:53+00:00 [Note] [Entrypoint]: Temporary server started.
Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
2022-07-17 6:14:54 6 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
2022-07-17 06:14:55+00:00 [Note] [Entrypoint]: Securing system users (equivalent to running mysql_secure_installation)
2022-07-17 06:14:55+00:00 [Note] [Entrypoint]: Stopping temporary server
2022-07-17 6:14:55 0 [Note] mariadbd (initiated by: root[root] @ localhost []): Normal shutdown
2022-07-17 6:14:55 0 [Note] InnoDB: FTS optimize thread exiting.
2022-07-17 6:14:55 0 [Note] InnoDB: Starting shutdown...
2022-07-17 6:14:55 0 [Note] InnoDB: Dumping buffer pool(s) to /var/lib/mysql/ib_buffer_pool
2022-07-17 6:14:55 0 [Note] InnoDB: Buffer pool(s) dump completed at 220717 6:14:55
2022-07-17 6:14:55 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
2022-07-17 6:14:55 0 [Note] InnoDB: Shutdown completed; log sequence number 42335; transaction id 15
2022-07-17 6:14:55 0 [Note] mariadbd: Shutdown complete
2022-07-17 06:14:56+00:00 [Note] [Entrypoint]: Temporary server stopped
2022-07-17 06:14:56+00:00 [Note] [Entrypoint]: MariaDB init process done. Ready for start up.
2022-07-17 6:14:56 0 [Note] mariadbd (server 10.6.8-MariaDB-1:10.6.8+maria~focal) starting as process 1 ...
2022-07-17 6:14:56 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2022-07-17 6:14:56 0 [Note] InnoDB: Number of pools: 1
2022-07-17 6:14:56 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2022-07-17 6:14:56 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
2022-07-17 6:14:56 0 [Note] InnoDB: Using Linux native AIO
2022-07-17 6:14:56 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
2022-07-17 6:14:56 0 [Note] InnoDB: Completed initialization of buffer pool
2022-07-17 6:14:56 0 [Note] InnoDB: 128 rollback segments are active.
2022-07-17 6:14:56 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2022-07-17 6:14:56 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2022-07-17 6:14:56 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2022-07-17 6:14:56 0 [Note] InnoDB: 10.6.8 started; log sequence number 42335; transaction id 14
2022-07-17 6:14:56 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
2022-07-17 6:14:56 0 [Note] Plugin 'FEEDBACK' is disabled.
2022-07-17 6:14:56 0 [Note] InnoDB: Buffer pool(s) load completed at 220717 6:14:56
2022-07-17 6:14:56 0 [Warning] You need to use --log-bin to make --expire-logs-days or --binlog-expire-logs-seconds work.
2022-07-17 6:14:56 0 [Note] Server socket created on IP: '0.0.0.0'.
2022-07-17 6:14:56 0 [Note] Server socket created on IP: '::'.
2022-07-17 6:14:56 0 [Note] mariadbd: ready for connections.
Version: '10.6.8-MariaDB-1:10.6.8+maria~focal' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
2022-07-17 6:21:56 382 [Warning] Access denied for user 'frappe'@'172.19.0.8' (using password: NO)
2022-07-17 6:21:56 384 [Warning] Aborted connection 384 to db: 'erpnext' user: 'erpnext' host: '172.19.0.8' (Got an error reading communication packets)
2022-07-17 6:24:47 386 [Warning] Aborted connection 386 to db: 'erpnext' user: 'erpnext' host: '172.19.0.8' (Got an error reading communication packets)
2022-07-17 6:28:14 739 [Warning] Access denied for user 'frappe'@'172.19.0.8' (using password: NO)
2022-07-17 6:28:15 741 [Warning] Aborted connection 741 to db: 'erpnext2' user: 'erpnext2' host: '172.19.0.8' (Got an error reading communication packets)
2022-07-17 6:31:00 743 [Warning] Aborted connection 743 to db: 'erpnext2' user: 'erpnext2' host: '172.19.0.8' (Got an error reading communication packets)
time="2022-07-17T06:11:30Z" level=info msg="Configuration loaded from flags."
time="2022-07-17T06:11:34Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" routerName=traefik-public-https@docker ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=le.acme rule="Host(`38.242.147.218`)"
106.205.218.49 - - [17/Jul/2022:06:12:01 +0000] "GET / HTTP/1.1" 301 17 "-" "-" 1 "traefik-public-http@docker" "-" 0ms
106.205.218.49 - - [17/Jul/2022:06:12:09 +0000] "GET / HTTP/2.0" 401 17 "-" "-" 2 "traefik-public-https@docker" "-" 0ms
106.205.218.49 - info@indicsoftware.com [17/Jul/2022:06:12:57 +0000] "GET / HTTP/2.0" 401 17 "-" "-" 3 "traefik-public-https@docker" "-" 0ms
106.205.218.49 - info@indicsoftware.com [17/Jul/2022:06:13:11 +0000] "GET / HTTP/2.0" 401 17 "-" "-" 4 "traefik-public-https@docker" "-" 0ms
106.205.218.49 - - [17/Jul/2022:06:13:13 +0000] "GET /favicon.ico HTTP/2.0" 401 17 "-" "-" 5 "traefik-public-https@docker" "-" 0ms
192.241.220.24 - - [17/Jul/2022:06:17:05 +0000] "GET /owa/auth/x.js HTTP/1.1" 401 17 "-" "-" 6 "traefik-public-https@docker" "-" 0ms
192.241.221.43 - - [17/Jul/2022:06:20:09 +0000] "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 401 17 "-" "-" 7 "traefik-public-https@docker" "-" 0ms
192.241.221.222 - - [17/Jul/2022:06:20:22 +0000] "GET /owa/auth/logon.aspx HTTP/1.1" 401 17 "-" "-" 8 "traefik-public-https@docker" "-" 0ms
time="2022-07-17T06:20:57Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" rule="Host(`38.242.147.218`)" ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=le.acme routerName=traefik-public-https@docker
time="2022-07-17T06:20:57Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" ACME CA="https://acme-v02.api.letsencrypt.org/directory" rule="Host(`38.242.147.218`)" routerName=traefik-public-https@docker providerName=le.acme
35.233.62.116 - - [17/Jul/2022:06:20:58 +0000] "GET / HTTP/1.1" 301 17 "-" "-" 9 "traefik-public-http@docker" "-" 0ms
time="2022-07-17T06:20:59Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" providerName=le.acme rule="Host(`38.242.147.218`)" routerName=traefik-public-https@docker ACME CA="https://acme-v02.api.letsencrypt.org/directory"
time="2022-07-17T06:21:00Z" level=error msg="Unable to obtain ACME certificate for domains \"one.example.com,two.example.com\": unable to generate a certificate for the domains [one.example.com two.example.com]: error: one or more domains had a problem:\n[one.example.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for one.example.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for one.example.com - check that a DNS record exists for this domain\n[two.example.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for two.example.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for two.example.com - check that a DNS record exists for this domain\n" ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=le.acme routerName=erpnext-one-https@docker rule="Host(`one.example.com`,`two.example.com`)"
time="2022-07-17T06:21:01Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" providerName=le.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory" rule="Host(`38.242.147.218`)" routerName=traefik-public-https@docker
time="2022-07-17T06:21:03Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" providerName=le.acme routerName=traefik-public-https@docker rule="Host(`38.242.147.218`)" ACME CA="https://acme-v02.api.letsencrypt.org/directory"
time="2022-07-17T06:21:05Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" rule="Host(`38.242.147.218`)" ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=le.acme routerName=traefik-public-https@docker
time="2022-07-17T06:21:12Z" level=error msg="Unable to obtain ACME certificate for domains \"38.242.147.218\": unable to generate a certificate for the domains [38.242.147.218]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"38.242.147.218\": The ACME server can not issue a certificate for an IP address" routerName=traefik-public-https@docker rule="Host(`38.242.147.218`)" ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=le.acme
time="2022-07-17T06:21:12Z" level=error msg="Unable to obtain ACME certificate for domains \"one.example.com,two.example.com\": unable to generate a certificate for the domains [one.example.com two.example.com]: error: one or more domains had a problem:\n[one.example.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for one.example.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for one.example.com - check that a DNS record exists for this domain\n[two.example.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for two.example.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for two.example.com - check that a DNS record exists for this domain\n" providerName=le.acme routerName=erpnext-one-https@docker rule="Host(`one.example.com`,`two.example.com`)" ACME CA="https://acme-v02.api.letsencrypt.org/directory"
185.196.220.70 - - [17/Jul/2022:06:28:13 +0000] "GET / HTTP/1.1" 301 17 "-" "-" 10 "traefik-public-http@docker" "-" 0ms
106.205.218.49 - - [17/Jul/2022:06:39:09 +0000] "GET / HTTP/2.0" 401 17 "-" "-" 11 "traefik-public-https@docker" "-" 0ms
106.205.218.49 - - [17/Jul/2022:06:39:26 +0000] "GET /one.example.com HTTP/2.0" 401 17 "-" "-" 12 "traefik-public-https@docker" "-" 0ms
106.205.218.49 - - [17/Jul/2022:06:52:31 +0000] "GET /one.example.com HTTP/1.1" 301 17 "-" "-" 13 "traefik-public-http@docker" "-" 0ms
106.205.218.49 - - [17/Jul/2022:06:52:32 +0000] "GET /one.example.com HTTP/2.0" 401 17 "-" "-" 14 "traefik-public-https@docker" "-" 0ms
106.205.218.49 - info@indicsoftware.com [17/Jul/2022:06:52:48 +0000] "GET /one.example.com HTTP/2.0" 401 17 "-" "-" 15 "traefik-public-https@docker" "-" 0ms
66.154.123.246 - - [17/Jul/2022:06:59:04 +0000] "HEAD /robots.txt HTTP/1.0" 404 19 "-" "-" 16 "-" "-" 0ms
You need to set separate domain for TRAEFIK_DOMAIN, it is mentioned traefik.example.com in docs, you need to replace it with traefik.yourdomain.com it is not erp.yourdomain.com. The login screen you see is for traefik because you pointed your erp domain to serve traefik.
you copy pasted the documentation, created 2 stacks (erpnext-one, erpnext-two) and 4 sites (one.example.com, two.example.com, three.example.com, four.example.com). You cannot create letsencrypt certificates for example.com
You don’t need 2 stacks. You just need 1 site, erp.yourdomain.com in erpnext-one.
Edit:
I did the following to setup
I removed the erpnext-two stack and related volumes
change the TRAEFIK_DOMAIN to traefik.yourdomain.com
I removed sites one.example.com and two.example.com created erp.yourdomain.com
I updated erpnext-one.env for SITES environment variable and re-generated ~/gitops/erpnext-one.yaml with correct SITES