Tried many many different options, and nothing works.
Goal:
xyz.com/traefik ---> loads traefik dashboard
xyz.com/whoami ---> loads whoami
xyz.com/anotherapp ---> loads another docker service/app
xyz.com/... ---> loads another ...
and all with SSL
docker-compose.yml
version: "3.7"
services:
traefik:
image: traefik:v2.9.6
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --api.insecure=true
- --api
- --certificatesresolvers.le.acme.email=email@email.com
- --certificatesresolvers.le.acme.storage=./acme.json
- --certificatesresolvers.le.acme.tlschallenge=true
ports:
- 8080:8080
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./acme.json:/acme.json
labels:
- traefik.enable=true
# Dashboard
# THIS WORKS (without path) If I visit x.example.com I get the dashboard
# - traefik.http.routers.traefik.rule=Host(`x.example.com`)
# THIS DOES NOT WORK (with path)
- traefik.http.routers.dashboard.rule=Host(`x.example.com`) && (Path(`/traefik`) || PathPrefix(`/traefik`) || HeadersRegexp(`Referer`, `.*/traefik/.*`))
# configure stripprefix rule for the dashboard
- traefik.http.routers.dashboard.middlewares=dashboard-stripprefix
- traefik.http.middlewares.dashboard-stripprefix.stripprefix.prefixes=/traefik
- traefik.http.routers.traefik.service=api@internal
- traefik.http.routers.traefik.tls=true
- traefik.http.routers.traefik.tls.certresolver=le
- traefik.http.routers.traefik.entrypoints=websecure
# auth
- traefik.http.routers.traefik.middlewares=authtraefik
- traefik.http.middlewares.authtraefik.basicauth.users=${TRAEFIK_USERNAME}:${TRAEFIK_PASSWORD}
# global redirect to https
- traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
- traefik.http.routers.http-catchall.entrypoints=web
- traefik.http.routers.http-catchall.middlewares=redirect-to-https
# middleware redirect
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
networks:
- traefik
whoami:
image: containous/whoami
labels:
- traefik.http.routers.whoami.rule=Host(`x.example.com`) && PathPrefix(`/whoami`)
- traefik.http.routers.whoami.entrypoints=websecure
- traefik.http.routers.whoami.tls=true
networks:
- traefik:
networks:
traefik:
external: true
Tried many permutations, but still does not work. So far, if I add the PathPrefix
for the dashboard, I get unable to generate a certificate for the domains
because Domain name needs at least one dot
.
Questions I have:
- Do I need the external true networks? I see configs with or without
- Why am I getting the
Domain name needs at least one dot
error? - If I use AWS Certificate Manager to get certificate for the subdomain, do I still need Let's Encrypt again?
- Do I need stripprefix if I use PathPrefix?
Thank you!