Не осилю никак как завести несколько доменов и получением для каждого домена своего сертификата от Letsencrypt. Сейчас имею такой конфиг
cat data/traefik.yml
api:
dashboard: true
entryPoints:
web:
address: :80
http:
redirections:
entryPoint:
to: websecure
websecure:
address: :443
http:
middlewares:
- secureHeaders@file
tls:
certResolver: letsencrypt_domain1
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
directory: /custom
watch: true
certificatesResolvers:
letsencrypt_domain1:
acme:
email: admin@domain1.com
storage: acme_domain1.json
tlschallenge: true
httpChallenge:
entryPoint: web
cat data/custom/dynamic.yml
http:
middlewares:
secureHeaders:
headers:
sslRedirect: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 31536000
user-auth:
basicAuth:
users:
- "admin:pass"
tls:
options:
default:
minVersion: VersionTLS12
curvePreferences:
- secp521r1
- secp384r1
sniStrict: true
cat docker-compose.yml
version: '3'
services:
traefik:
image: traefik:v2.3.7
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- web
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme_domain1.json:/acme_domain1.json
- ./data/custom/:/custom/:ro
labels:
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.rule=Host(`traefik.domain1.com`)"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt_domain1"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=user-auth@file"
networks:
web:
external: true
letsencrypt_domain2:
acme:
email: admin@domain1.com
storage: acme_domain2.json
tlschallenge: true
httpChallenge:
entryPoint: web
