I have a domain that is managed by digital ocean. I am using that subdomain's A record pointing to a VPS which has service at different provider. I have gotten the page to load without ssl/https.
Current issues:
Dashboard not accessible outside
SSL not generating
My goals with traefik are:
- have the subdomain use ssl
- have dashboard be accessible with username and password with ssl
- auto redirect to https
I tried to use this from documentation but had no success.
--entryPoints.web.address=:80
--entryPoints.websecure.address=:443
# ...
--certificatesResolvers.sample.acme.email=your-email@your-domain.org
--certificatesResolvers.sample.acme.storage=acme.json
# used during the challenge
--certificatesResolvers.sample.acme.httpChallenge.entryPoint=web
traefik docker-compose.yml
version: '3'
services:
reverse-proxy:
container_name: traefik
# The official v2.0 Traefik docker image
image: traefik:v2.0
# Enables the web UI and tells Traefik to listen to docker
command:
# - --entrypoints.web.address=:80
# - --entrypoints.websecure.address=:443
- "--api=true"
- "--api.dashboard=true"
# - --api.insecure=true
- --providers.docker
# - --certificatesresolvers.leresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
# - --certificatesresolvers.leresolver.acme.email=xyz@domain.com
# - --certificatesresolvers.leresolver.acme.storage=/acme.json
# - --certificatesresolvers.leresolver.acme.tlschallenge=true
networks:
- web
ports:
# The HTTP port
- "443:443"
- "80:80"
# The Web UI (enabled by --api.insecure=true)
- "8080:8080"
volumes:
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock
# - ./acme.json:/acme.json
labels:
- traefik.http.routers.traefik.rule=Host(`xyz.domain.com`)
# - "traefik.http.routers.traefik.service=api@internal"
# - "traefik.http.routers.traefik.tls.certresolver=leresolver"
# - "traefik.http.routers.traefik.entrypoints=websecure"
# - "traefik.http.routers.traefik.middlewares=authtraefik"
# - "traefik.http.middlewares.authtraefik.basicauth.users=test:dsadad" # user/password
# # global redirect to https
# - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
# - "traefik.http.routers.http-catchall.entrypoints=web"
# - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# middleware redirect
# - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
networks:
web:
external: true
service docker-compose.yaml
version: "3"
services:
chat-app:
build: .
container_name: "app"
volumes:
- ./:/app
- /app/node_modules
ports:
- "3001:3001"
command: pm2 start server.js --no-daemon
networks:
- web
labels:
- "traefik.http.routers.chat-app.rule=Host(`abc.domain.com`)"
networks:
web:
external: true