SSL Termination with IONOS provider

Yes I changed everything to a single network and now it works. For all the people finding this thread, this is a working configuration for traefik as frontdoor and a webserver in the backend with SSL automatically generated via IONOS API and stored in acme.json.

version: "3.5"

services:
  traefik:
    image: traefik:v2.10.1
    container_name: traefik
    command:
      - "--log.level=DEBUG"
      - "--log.filePath=/logs/traefik.log"
      - "--api.insecure=true"
      - "--api.dashboard=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedByDefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.websecure.http.tls.certResolver=ionos"
      - "--certificatesResolvers.ionos.acme.email=your@mail.com"
      - "--certificatesResolvers.ionos.acme.storage=/acme.json"
      - "--certificatesResolvers.ionos.acme.dnschallenge.provider=ionos"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/home/numark1/docker/data_traefik/logs:/logs"
      - "/home/numark1/docker/data_traefik/acme.json:/acme.json"
    networks:
      - "docker_global"
    environment:
      - "IONOS_API_KEY=passphrase.secret"

networks:
  docker_global:
    external: true

And the backend service:

version: '3.5'

services:
  whoami:
    image: nginxdemos/nginx-hello
    networks:
      - "docker_global"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nginx.rule=Host(`sub.domain.de`)"
      - "traefik.http.routers.nginx.entrypoints=websecure"
      - "traefik.http.routers.nginx.tls=true"
      - "traefik.http.routers.nginx.tls.certresolver=ionos"
      - "traefik.http.services.nginx.loadbalancer.server.port=8080"

networks:
  docker_global:
    external: true