I have a dev setup that for my needs right now. I only want serve multiple self signed ssl cert. I added a ca to my keychain(macOS), and use that ca to sign my own cert for every test domain. I'm using docker-compose with traefik as proxy manager and alemp stack for wordpress development. I can now generate wildcards certs for {domain}.test and www.{domain}.test. But i have some multisites thats using more than 1 domain. It's working on http on the same lemp stack but cant figure it out how to use multiple cert on traefik My configs:
-- lemp stack (php and other services not included)
version: '3.7'
services:
nginx:
image: nginx:latest
container_name: ${APP_NAME}-nginx
volumes:
- "./nginx/:/etc/nginx/templates/"
- ./src:/var/www/html:rw,cached
environment:
- "NGINX_ENVSUBST_TEMPLATE_SUFFIX=.conf"
depends_on:
- app
networks:
- default
- traefik
labels:
- "traefik.enable=true"
- "traefik.http.routers.${APP_NAME}.rule=Host(`${DOMAIN}`) || Host(`www.${DOMAIN}`) || Host(`${DOMAIN2}`) || Host(`www.${DOMAIN2}`)"
- "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
- "traefik.http.services.${APP_NAME}.loadbalancer.server.port=80"
- "traefik.docker.network=traefik_proxy"
restart: always
-- My traefik proxy
version: '3.7'
services:
reverse-proxy:
container_name: traefik
# The official v2.0 Traefik docker image
image: traefik:v2.4
# Enables the web UI and tells Traefik to listen to docker
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- --entrypoints.websecure.address=:443
- --entrypoints.websecure.http.tls=true
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
- --providers.file.directory=/etc/traefik/dynamic
ports:
# The HTTP port
- "192.168.255.1:80:80"
- "192.168.255.1:443:443"
# The Web UI (enabled by --api.insecure=true)
- "192.168.255.1:8080:8080"
volumes:
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock:ro
- /etc/localtime:/etc/localtime:ro
- ./traefik/dynamic/dynamic.yaml:/etc/traefik/dynamic/dyn.yaml
- ./traefik/certs:/etc/traefik/certs:ro
networks:
default:
name: traefik_proxy
external: false