Adding multiple domains to labels

itchysudo · June 12, 2023, 10:47am

Hi there,
First time poster here so apologies if this has been resolved before, I can't seem to find the right solution!
I'm still a novice user of Docker/traefik/Lets Encrypt - really enjoying it so far.

I currently use Traefik/Let's Encrypt successfully for multiple docker containers but would also like to host a WordPress site under a different domain. I've researched and added (what I think..) are the correct labels but my WordPress site still shows up as "not secure".

Any help would be most appreciated. Traefik docker-compose below!

version: '3'

services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    environment:
      - CF_API_EMAIL= <EMAIL>
      - CF_DNS_API_TOKEN= <tOKEN>
      - CF_API_KEY= <KEY>
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /home/afmod/traefik/data/traefik.yml:/traefik.yml:ro
      - /home/afmod/traefik/data/acme.json:/acme.json
      - /home/afmod/traefik/data/config.yml:/config.yml:ro

    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.domain.domain.domain`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=afmod:<PASSWORD>
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.domain.domain.domain`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=domain.domain.domain"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.domain.domain.domain"
      - "traefik.http.routers.traefik-secure.tls.domains[1].main=domain2.domain2.domain2"
      - "traefik.http.routers.traefik-secure.tls.domains[1].sans=*.domain2.domain2.domain2"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    external: true

bluepuma77 · June 12, 2023, 2:16pm

Show your Traefik static and dynamic config and your Wordpress dynamic config

itchysudo · June 12, 2023, 2:26pm

Hi Bluepuma,

Thanks for replying - apologies, would this be my acme.json and config.yml files?

Wordpress config below. Thanks for your help!


version: '3.1'

networks:
  traefik:
    external: true
  backend:

services:

  wordpress:
    image: wordpress
    restart: always
    ports:
      - 8080:80
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: dbuser
      WORDPRESS_DB_PASSWORD: <"pass">
      WORDPRESS_DB_NAME: <"DBNAME">
    volumes:
      - wordpress:/var/www/html

    networks:
      - traefik
      - backend

    depends_on:
      - db
      - redis

      labels:
      # The labels are usefull for Traefik only
      - "traefik.enable=true"
      - "traefik.docker.network=traefik"
      # Get the routes from http
      - "traefik.http.routers.wordpresscp.rule=Host(`domain2.domain2.domain2.domain2`)"
      - "traefik.http.routers.wordpresscp.entrypoints=web"
      # Redirect these routes to https
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.routers.wordpresscp.middlewares=redirect-to-https@docker"
      # Get the routes from https
      - "traefik.http.routers.wordpresscp-secured.rule=Host(`domain2.domain2.domain2.domain2`)"
      - "traefik.http.routers.wordpresscp-secured.entrypoints=web-secure"
      # Apply autentificiation with http challenge
      - "traefik.http.routers.wordpresscp-secured.tls=true"
      - "traefik.http.routers.wordpresscp-secured.tls.certresolver=myhttpchallenge"


    links:
      - db:db

  db:
    image: mysql:5.7
    restart: always

bluepuma77 · June 12, 2023, 2:37pm

Labels seems to be spaced wrong.

itchysudo · June 12, 2023, 2:46pm

Good catch - I can tab them again so they firmly sit under labels. Pretty ironic that this came from wordPress' page on Docker hub!

itchysudo · June 12, 2023, 2:49pm

I have made the change - definitely helps but still same issue unfortunately...

bluepuma77 · June 12, 2023, 2:52pm

One network is named proxy, one traefik. Need to place them on the same network

Check your Traefik dashboard.

itchysudo · June 12, 2023, 3:04pm

Interesting - I didn't even see that at all. I checked the compose files for my functioning containers and they all seem to use -proxy so I'm assuming I should change to that. I can't see WordPress at all within the Traefik dashboard.

Would I be correct in changing the network in the below place on the wordpress compose?

Topic		Replies	Views
One Service, Multiple Sub-Domains, Each pointing to another path - docker-compose.yml labelling Traefik v2 (latest) docker	0	402	September 17, 2022
Strugling with several settings Traefik v2 (latest) docker , file , middleware	2	1363	November 18, 2019
Traefik v2, docker, letsencrypt wildcard dns - can domains be specified in dynamic config? Traefik v2 (latest) docker , docker-swarm , letsencrypt-acme	6	1671	September 27, 2019
[docker] domain & container frontend host labels Traefik v1 docker	4	1451	July 24, 2019
Need help to get the correct container name as subdomain Traefik v2 (latest) docker	3	630	October 26, 2019

Adding multiple domains to labels

Related Topics