Not able to get ssl and dashboard accessible | DNS/Domain managed by Digital Ocean and VPS at different provider

I have a domain that is managed by digital ocean. I am using that subdomain's A record pointing to a VPS which has service at different provider. I have gotten the page to load without ssl/https.

Current issues:
Dashboard not accessible outside
SSL not generating

My goals with traefik are:

  1. have the subdomain use ssl
  2. have dashboard be accessible with username and password with ssl
  3. auto redirect to https

I tried to use this from documentation but had no success.

--entryPoints.web.address=:80
--entryPoints.websecure.address=:443
# ...
--certificatesResolvers.sample.acme.email=your-email@your-domain.org
--certificatesResolvers.sample.acme.storage=acme.json
# used during the challenge
--certificatesResolvers.sample.acme.httpChallenge.entryPoint=web

traefik docker-compose.yml

version: '3'

services:
  reverse-proxy:
    container_name: traefik
    # The official v2.0 Traefik docker image
    image: traefik:v2.0
    # Enables the web UI and tells Traefik to listen to docker
    command:
    # - --entrypoints.web.address=:80
    # - --entrypoints.websecure.address=:443
    - "--api=true"
    - "--api.dashboard=true"
    # - --api.insecure=true
    - --providers.docker
    # - --certificatesresolvers.leresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
    # - --certificatesresolvers.leresolver.acme.email=xyz@domain.com
    # - --certificatesresolvers.leresolver.acme.storage=/acme.json
    # - --certificatesresolvers.leresolver.acme.tlschallenge=true
    networks:
      - web
    ports:
      # The HTTP port
      - "443:443"
      - "80:80"
      # The Web UI (enabled by --api.insecure=true)
      - "8080:8080"
    volumes:
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock
      # - ./acme.json:/acme.json
    labels:
      - traefik.http.routers.traefik.rule=Host(`xyz.domain.com`)
      # - "traefik.http.routers.traefik.service=api@internal"
      # - "traefik.http.routers.traefik.tls.certresolver=leresolver"
      # - "traefik.http.routers.traefik.entrypoints=websecure"
      # - "traefik.http.routers.traefik.middlewares=authtraefik"
      # - "traefik.http.middlewares.authtraefik.basicauth.users=test:dsadad" # user/password
      
      # # global redirect to https
      # - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
      # - "traefik.http.routers.http-catchall.entrypoints=web"
      # - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"

      # middleware redirect
      # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
networks:
  web:
    external: true

service docker-compose.yaml

version: "3"
services:
  chat-app:
    build: .
    container_name: "app"
    volumes:
    - ./:/app
    - /app/node_modules
    ports:
    - "3001:3001"
    command: pm2 start server.js --no-daemon
    networks:
      - web
    labels:
      - "traefik.http.routers.chat-app.rule=Host(`abc.domain.com`)"

networks:
  web:
    external: true

Hello,

I recommend to read https://blog.containo.us/traefik-2-0-docker-101-fc2893944b9d