Issues running Nginx reverse proxy that handles SSL BEHIND Traefik

Hello. I have an nginx reverse proxy that all requests are routed to, which should generate an SSL cert for each route that reaches it. I have a few issues running Traefik in front of it, as it seems that something with the default Traefik cert messes things up.

Basically, what should happen is that when my container is reached on port 443, then it starts contacting letsencrypt to generate a cert. When I test this, I can see that traffic is routed to the container on port 443 by watching the nginx access log. The issue is then that it never tries to contact letsencrypt to receive a cert. If I manually try and SSH into the container itself and send a request to the domain from within the container itself, then it runs perfectly fine and it tries to request a cert from letsencrypt as intended.

So something with Traefik sitting in front of this nginx container messes things up. The requests I've made were using Postman, which does indeed get a response from the container, but the SSL cert is invalid and the cert CN is TRAEFIK DEFAULT CERT. So my suspicion is that this Traefik default cert messes something up with my request.

So my question is: Can I tell Traefik not to do anything regarding SSL certs at all, but let my container take care of everything? Simply tell Traefik to route the requests to port 80 and 443 and nothing else.

Traefik config:

  traefik:
    image: traefik:latest
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
      - "8082:8082"
    command:
      - "--providers.docker=true"
      - "--providers.docker.swarmmode=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.ping.address=:8082"
      - "--accesslog.filepath=./traefik.log"
      - "--log.filePath=./debug.log"
      - "--log.level=DEBUG"
      - "--ping.entryPoint=ping"
      - "--entrypoints.web-secure.address=:443"
      - "--accesslog.fields.defaultmode=keep"
      - "--accesslog.fields.names.ClientUsername=keep"
      - "--accesslog.fields.headers.defaultmode=keep"
      - "--accesslog.fields.headers.names.User-Agent=keep"
      - "--accesslog.fields.headers.names.Authorization=keep"
      - "--accesslog.fields.headers.names.Content-Type=keep"
      # - "--entrypoints.web.http.redirections.entryPoint.to=web-secure"
      # - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
      # - "--entrypoints.web.http.redirections.entrypoint.permanent=true"
      - "--certificatesresolvers.myresolver.acme.dnschallenge=true"
      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ns1"
      - "--certificatesresolvers.myresolver.acme.email=phillip@golemgrid.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
      - "--certificatesresolvers.myresolver.acme.dnschallenge.disablepropagationcheck=false"
      - "--metrics.prometheus=true"
      - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
      - --metrics.prometheus.entryPoint=metrics
      - --entryPoints.metrics.address=:8080
      - --serversTransport.insecureSkipVerify=true
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=deploy_deploy"
      - "traefik.http.routers.traefik.middlewares=traefik-compress"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./letsencrypt:/letsencrypt
    environment:
      - NS1_API_KEY=value

Nginx container config:

  autossl:
    image: redacted
    volumes:
    - /etc/localtime:/etc/localtime:ro
    - ./configs:/etc/nginx/conf.d
    deploy:
      labels:
        - traefik.enable=true
        - traefik.http.routers.autossl.rule=HostRegexp(`{host:.+}`)
        - traefik.http.routers.autossl.entrypoints=web
        - traefik.http.routers.autossl.service=autosslhttp@docker
        - traefik.http.services.autosslhttp.loadbalancer.server.port=80
        - traefik.http.routers.autossl.priority=50
        - traefik.docker.network=deploy
        - traefik.http.routers.auto.rule=HostRegexp(`{host:.+}`)
        - traefik.http.routers.auto.priority=80
        - traefik.http.routers.auto.service=autosslhttps@docker
        - traefik.http.routers.auto.tls=true
        - traefik.http.routers.auto.tls.passthrough=true
        - traefik.http.routers.auto.entrypoints=web-secure
        - traefik.http.services.autosslhttps.loadbalancer.server.port=443
        - traefik.http.services.autosslhttps.loadbalancer.server.scheme=https
    networks:
      - deploy

You can use plain TCP entrypoints, then Traefik doesn’t care about TLS, it will just forward traffic.

But then Traefik doesn’t know about HTTP requests and you can’t route by domain/path and you get no HTTP access log from Traefik.
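
The TCP approach from the answer above, sketched for the `autossl` service in the question as an added example that is not part of the original thread. The router and service name `autossl-tls` is chosen for this example; it uses a Traefik v2 TCP router with `HostSNI` and TLS passthrough, so the TLS handshake reaches nginx untouched.

```yaml
# Added example (not from the original posts). "autossl-tls" is an assumed name.
services:
  autossl:
    image: redacted
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./configs:/etc/nginx/conf.d
    deploy:
      labels:
        - traefik.enable=true
        - traefik.docker.network=deploy

        # Port 80: unchanged HTTP router from the question, so plain-HTTP
        # requests still reach nginx.
        - "traefik.http.routers.autossl.rule=HostRegexp(`{host:.+}`)"
        - traefik.http.routers.autossl.entrypoints=web
        - traefik.http.routers.autossl.service=autosslhttp@docker
        - traefik.http.services.autosslhttp.loadbalancer.server.port=80
        - traefik.http.routers.autossl.priority=50

        # Port 443: a TCP router instead of traefik.http.routers.auto.*.
        # An HTTP router with tls=true makes Traefik terminate TLS itself,
        # which is where TRAEFIK DEFAULT CERT comes from; passthrough is a
        # TCP-router option. HostSNI(`*`) matches every server name.
        - "traefik.tcp.routers.autossl-tls.rule=HostSNI(`*`)"
        - traefik.tcp.routers.autossl-tls.entrypoints=web-secure
        - traefik.tcp.routers.autossl-tls.tls.passthrough=true
        - traefik.tcp.routers.autossl-tls.service=autossl-tls
        - traefik.tcp.services.autossl-tls.loadbalancer.server.port=443
        # No server.scheme=https here: Traefik forwards bytes and never opens
        # its own TLS session to nginx, so serversTransport.insecureSkipVerify
        # plays no part on this route.
    networks:
      - deploy
```

Because the catch-all `HostSNI` rule claims every TLS connection on `web-secure`, any other service that should be terminated by Traefik on port 443 needs a more specific rule or a different entrypoint.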