I'm trying to convert my existing nginx configurations to Traefik for ease of use and to use docker containers easily.
I am currently configuring everything in docker-compose until I have everything setup, then I'll split it into multiple yaml files.
Now the problem that I have is that this setup works perfectly for my main domain: tomtruyen.dev, however not for any of my subdomains. It seems like the SSL certificate is not created for those. Any idea what I have done wrong?
services:
traefik:
image: "traefik:latest"
container_name: "traefik"
restart: unless-stopped
command:
- "--api.dashboard=true"
- "--api.debug=true"
- "--log.level=DEBUG"
- "--log.filePath=/logs/traefik.log"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=contact@tomtruyen.dev"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "~/tomtruyendev-deploy/letsencrypt:/letsencrypt"
- "~/tomtruyendev-deploy/logs:/logs"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "/etc/localtime:/etc/localtime:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`traefik.tomtruyen.dev`)"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.middlewares.traefik-auth.basicauth.users=tomtruyen:$2a$10$w3hrDmd2M.R.l.BoEBreQujhkcj2pIqHyVNEeLwrJd.2t8wOldbDu"
tomtruyen:
image: "ghcr.io/tomtruyen/tomtruyen-dev-portfolio:main"
restart: unless-stopped
ports:
- 3000:3000
labels:
- "traefik.enable=true"
- "traefik.http.routers.tomtruyen.rule=Host(`tomtruyen.dev`) || Host(`www.tomtruyen.dev`)"
- "traefik.http.routers.tomtruyen.entrypoints=websecure"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.tomtruyen.tls.certresolver=letsencrypt"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.regex=^https?://www.tomtruyen.dev/(.*)"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.replacement=https://tomtruyen.dev/$${1}"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.permanent=true"
droidlaunch:
image: "ghcr.io/tomtruyen-organisation/droidlaunch-site:main"
restart: unless-stopped
ports:
- 3001:3000
labels:
- "traefik.enable=true"
- "traefik.http.routers.droidlaunch.rule=Host(`droidlaunch.tomtruyen.dev`) || Host(`www.droidlaunch.tomtruyen.dev`)"
- "traefik.http.routers.droidlaunch.entrypoints=websecure"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.droidlaunch.tls.certresolver=letsencrypt"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.regex=^https?://www.droidlaunch.tomtruyen.dev/(.*)"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.replacement=https://droidlaunch.tomtruyen.dev/$${1}"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.permanent=true"
droidlaunch-docs:
image: "ghcr.io/tomtruyen-organisation/droidlaunch-docs:main"
restart: unless-stopped
ports:
- 3002:3000
labels:
- "traefik.enable=true"
- "traefik.http.routers.droidlaunch-docs.rule=Host(`docs.droidlaunch.tomtruyen.dev`) || Host(`www.docs.droidlaunch.tomtruyen.dev`)"
- "traefik.http.routers.droidlaunch-docs.entrypoints=websecure"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.droidlaunch-docs.tls.certresolver=letsencrypt"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.regex=^https?://www.docs.droidlaunch.tomtruyen.dev/(.*)"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.replacement=https://docs.droidlaunch.tomtruyen.dev/$${1}"
- "traefik.http.middlewares.redirect-to-non-www.redirectregex.permanent=true"