Hi all
I'm struggling to get a wildcard subdomain setup working with docker compose. I have had a working solution for sites with docker compose and traefik for quite some time, but the new site I am trying to upload needs access to subdomains - the main site is like shop.ourdomain.com and I want *.shop.ourdomain.com to all be directed, with https, to the same container.
I have a traefik container (Traefik version 2.8) running as follows:
traefik/docker-compose.yml
services:
  traefik:
    image: traefik:v2.8
    container_name: traefik
    command:
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      - --entrypoints.http.address=:80
      - --entrypoints.https.address=:443
      - --certificatesresolvers.myresolver.acme.tlschallenge=true
      - --certificatesresolvers.myresolver.acme.email=[my email address here]
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
      #- --accesslog=true
      #- --log.level=DEBUG
    ports:
      - 80:80
      - 8080:8080
      - 443:443
    volumes:
      - ./letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - web
    restart: unless-stopped
networks:
  web: {}
and various websites running their own containers. They use an env file for setting the basic domain name and docker project name etc and then the relevant part of their
(part of) shop/docker-compose.yml
labels:
  - traefik.enable=true
  - traefik.docker.network=traefik_web
  - traefik.http.routers.${NAME}-http.rule=Host(`${DOMAIN}`)
  - traefik.http.routers.${NAME}-http.entrypoints=http
  - traefik.http.routers.${NAME}-http.middlewares=${NAME}-https
  - traefik.http.middlewares.${NAME}-https.redirectscheme.scheme=https
  - traefik.http.routers.${NAME}.rule=Host(`${DOMAIN}`)
  - traefik.http.routers.${NAME}.entrypoints=https
  - traefik.http.routers.${NAME}.tls.certresolver=myresolver
Trying to follow some suggestions I tried adding the following but that didn't seem to do anything:
  - traefik.http.routers.${NAME}.tls.domains[0].main=${DOMAIN}
  - traefik.http.routers.${NAME}-secure.tls.domains[0].sans=*.${DOMAIN}
I also tried using HostRegexp instead of Host rules but couldn't even get the main domain working with that.
I'm sure I'm just doing something stupid so sorry for the noise, but can anyone help describe how I should be able to get Traefik to get a wildcard certificate and also direct all subdomains to the container's web service?
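Added example, not part of the original post: a small Python check over the post's resolver flag and router labels that reports three conditions under which Traefik v2 will not request or serve a wildcard certificate. The substituted values (`${NAME}`=shop, `${DOMAIN}`=shop.ourdomain.com), the function names and the finding codes are assumptions made for illustration.

```python
import re

# Constructed input: flag and labels from the post with ${NAME}=shop and
# ${DOMAIN}=shop.ourdomain.com substituted (assumed values).
FLAGS = ["--certificatesresolvers.myresolver.acme.tlschallenge=true"]
LABELS = [
    "traefik.http.routers.shop.rule=Host(`shop.ourdomain.com`)",
    "traefik.http.routers.shop.entrypoints=https",
    "traefik.http.routers.shop.tls.certresolver=myresolver",
    "traefik.http.routers.shop.tls.domains[0].main=shop.ourdomain.com",
    "traefik.http.routers.shop-secure.tls.domains[0].sans=*.shop.ourdomain.com",
]
ROUTER = re.compile(r"^traefik\.http\.routers\.([^.]+)\.([^=]+)=(.*)$")
DNS01 = re.compile(r"^--certificatesresolvers\.[^.]+\.acme\.dnschallenge(=true|\.|$)", re.I)
HOST = re.compile(r"Host\(`([^`]+)`\)")  # exact-match matcher only, not HostRegexp

def parse_routers(labels):
    """Group router labels as {router_name: {option: value}}."""
    routers = {}
    for label in labels:
        m = ROUTER.match(label)
        if m:
            routers.setdefault(m.group(1), {})[m.group(2)] = m.group(3)
    return routers

def wildcard_sans(opts):
    """Wildcard names requested through tls.domains[n].sans on one router."""
    return [d.strip() for k, v in opts.items()
            if re.fullmatch(r"tls\.domains\[\d+\]\.sans", k)
            for d in v.split(",") if d.strip().startswith("*.")]

def check(flags, labels):
    """Return (code, subject) findings that keep a wildcard setup from working."""
    routers, findings = parse_routers(labels), []
    wanted = {d for opts in routers.values() for d in wildcard_sans(opts)}
    for name, opts in sorted(routers.items()):
        # The SAN sits on a router that has no resolver to request it from.
        if wildcard_sans(opts) and "tls.certresolver" not in opts:
            findings.append(("san-without-certresolver", name))
        # Host(`x`) matches x exactly, so requests for sub.x never reach the router.
        for host in HOST.findall(opts.get("rule", "")):
            if "*." + host in wanted and "HostRegexp" not in opts["rule"]:
                findings.append(("rule-matches-apex-only", name))
    # Public ACME CAs validate wildcard names only through the DNS-01 challenge.
    if wanted and not any(DNS01.match(f) for f in flags):
        findings.append(("wildcard-needs-dns-01", "acme"))
    return findings
```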