My goal is to be able to use terraria.domain.com:7777 to get in first server, and terraria2.domain.com:7777 in order to get into second. But using the :7777 port is always getting routed to the first image. It appears that the HostSNI is behaving like a wildcard.
terraria:
image: atgomez6555/terraria:tshock-latest
container_name: terraria
ports:
- 7777:7777
environment:
- world=Avernus.wld
volumes:
- /home/alex/docker/terraria/config:/config
tty: true
stdin_open: true
restart: unless-stopped
labels:
traefik.enable: "true"
traefik.tcp.routers.terraria.entrypoints: "terraria"
traefik.tcp.routers.terraria.rule: "HostSNI(`terraria.domain.com`)"
traefik.tcp.routers.terraria.tls: "true"
depends_on:
- traefik
terraria2:
image: atgomez6555/terraria:tshock-latest
container_name: terraria2
ports:
- 7778:7778
environment:
- world=The_Island_of_Silver.wld
volumes:
- /home/alex/docker/terraria/config2:/config
tty: true
stdin_open: true
restart: unless-stopped
labels:
traefik.enable: "true"
traefik.tcp.routers.terraria2.entrypoints: "terraria"
traefik.tcp.routers.terraria2.rule: "HostSNI(`terraria2.domain.com`)"
traefik.tcp.routers.terraria2.tls: "true"
depends_on:
- traefik
And this is my toml config file:
# [global]
[log]
level = "INFO"
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web.http.redirections.entryPoint]
to = "websecure"
scheme = "https"
[entryPoints.websecure]
address = ":443"
[entryPoints.traefik]
address = ":8083"
[entryPoints.terraria]
address = ":7777"
[providers]
providersThrottleDuration = "2s"
[providers.docker]
swarmModeRefreshSeconds = "15s"
exposedByDefault = false
endpoint = "unix:///var/run/docker.sock"
[api]
insecure = true
dashboard = true
[ping]
# terminatingStatusCode = 0
[certificatesResolvers]
[certificatesResolvers.default]
[certificatesResolvers.default.acme]
email = "xxxx"
storage = "acme.json"
[certificatesResolvers.default.acme.dnsChallenge]
provider = "cloudflare"
delayBeforeCheck = "0s"
resolvers = ["dara.ns.cloudflare.com", "elliot.ns.cloudflare.com"]
Ideally I do not want to have to port forward a separate port for every server I run.