I have a Traefik up and running with Docker, LetsEncrypt, etc. There are several containers working with HTTPS like Portainer, Dashboard@traefik.
I am very happy with that.
The problem comes with some (internal) servers connected via Wireguard. As I start to like Traefik there is a Traefik on every server. These servers work great and (would) do their LetsEncrypt on their own. Some servers are out of my reach but all do port 80 (HTTP), 443/TCP (HTTPS=>HTTP2) and soon 443/UDP (HTTP3).
What to do if there is a full server with HTTP/HTTP2/HTTP3 and LetsEncrypt behind a Traefik?
How can I write rules to:
1. Direct any request on entrypoint (80/HTTP) to some docker container (wireguard container, for some domain name) WITHOUT touching it (HTTPS redirect) to allow LetsEncrypt somewhere else?
2. Pass-through ALL TLS traffic for some domain to the container? <= I think I got this one working
3. Pass-through ALL TLS UDP traffic like in "2." but this time for HTTP3?
I hope I was able to explain the main idea.