Letsencrypt dnsChallenge with traefik standalone - how to provide the API key variable for the challenge provider

I am using traefik 2.4.7 on a dedicated server with several LXD Container running.
Each container should be mapped to a subdomain. The first container workes, I used tlsChallenge to get a LE certificate. Starting with the second container, I got a "Bad Gateway" for it.

My problem right now is that I need to switch my acme generated LE certificate from a tlsChallenge to dnsChallenge because as I understand it is the only way to provide a wildcard certificate for my domain, so I can use one certificate for the whole domain + subdomains.

With docker I would use the environment Variables inside the docker-compose.yml to place the API key for the provider. As I am on LXD containers, I use traefik as a standalone service and with a file provider.

How can I get traefik to recognize my API key? Is there an environment block in the config files similar to docker-compose?

I also tried to use a .env file in /etc/traefik (where my config files are), but same result.

Can somebody help?

Thanks in advance!

How do you start traefik?

If you're using a systemd file there are a couple of ways to set variable, if you are using an system V init file then the env var can be set or exported in that file.

thanks for the fast reply, @cakiwi.

Exactly, I use a systemd service.
And you solved my problem ... added the API key there and it works...thanks a lot!

1 Like