What's new
PGBlitz.com

Register Now! Find useful tips, Interact /w Community Members and join the part the Best Community on the Internet!

Guides HOWTO: Configure traefik to handle multiple domain names

plex_noob

Senior Member
Staff
Donor
Traefik is capable of handling the requests for different domain names.
There are also multiple ways to tell Traefik how to handle incoming requests.

In PG, everything relies on labels configured at the container level. Traefik relies on those labels to decide where the traffic needs to go.
In PG, the configuration is located in a single file /opt/appdata/traefik/traefik.toml

This is the original (PG) Traefik configuration file:

Code:
insecureskipverify = true

logLevel = "WARN"

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
  #[entryPoints.http.redirect]
  #  entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
    MinVersion = "VersionTLS12"
    CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"]
  [entryPoints.monitor]
  address = ":8081"

[retry]

[acme]
acmeLogging = true
email = "[email protected]"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
  [acme.dnsChallenge]
    provider = "cloudflare"
    delayBeforeCheck = 30

[[acme.domains]]
  main = "*.project.com"
  sans = ["project.com"]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "project.com"
watch = true
exposedbydefault = false
network = "plexguide"
As we can see, currently Traefik is configured to handle all requests for a single domain name: project.com.
Let's tell to Traefik to handle an additional domain:


[[acme.domains]]
main = "*.project.com"
sans = ["project.com"]



Becomes


[[acme.domains]]
main = "*.project.com"
sans = ["project.com"]
[[acme.domains]]
main = "*.harvest.com"
sans = ["harvest.com"]


Restarting traefik container will force it to request the additional keys for the new domain. You can check if everything went ok by opening the file /opt/appdata/traefik/acme/acme.json. You should see the keys for the 2 domains now.

In order to handle multiple domains, we need to use another technique (Front-end/Back-end). But before proceeding, we should separate the fix part of the configuration from the more dynamic one and though create an additional file where we will put the configuration of the different front-end and back-end.
In order to ease the management of the different Front-Ends and Back-Ends aside of the docker container configuration, it is advisable put everything in a separate file that Traefik will monitor for changes the same way it does for docker containers.

Let's create a additional file file servers.toml,
mkdir -p /opt/appdata/traefik/servers.toml

Let's insert in the main file a reference to the new servers.toml file. This to be sure, when a request arrives, Traefik will check both the container labels but also the servers.toml file.

[file]
watch = true
filename = "/opt/appdata/traefik/servers.toml"



The final main configuration file should look like this:

Code:
insecureskipverify = true

logLevel = "WARN"

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
  #[entryPoints.http.redirect]
  #  entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
    MinVersion = "VersionTLS12"
    CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"]
  [entryPoints.monitor]
  address = ":8081"

[retry]

[acme]
acmeLogging = true
email = "[email protected]"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
  [acme.dnsChallenge]
    provider = "cloudflare"
    delayBeforeCheck = 30
[[acme.domains]]
  main = "*.project.com"
  sans = ["project.com"]
[[acme.domains]]
  main = "*.harvest.com"
  sans = ["harvest.com"]

[file]
  watch = true
  filename = "/opt/appdata/traefik/servers.toml"

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "project.com"
watch = true
exposedbydefault = false
network = "plexguide"
Now, we need to add the new Front-Ends and Back-Ends in the servers.toml file.
nano /opt/appdata/traefik/servers.toml

Let's paste the following code

Code:
loglevel = "ERROR"

[frontends]
    [frontends.xxx]
        backend = "xxx"
        [frontends.xxx.routes.domain]
            rule = "Host:xxx.project.com"
    [frontends.yyy]
        backend = "yyy"
        [frontends.yyy.routes.domain]
            rule = "Host:yyy.harvest.com"
    [frontends.yyy]
        backend = "zzz"
        [frontends.zzz.routes.domain]
            rule = "Host:zzz.harvest.com"

[backends]
    [backends.xxx]
        [backends.xxx.servers.xxx]
            url = "http://192.168.1.1:8100"
    [backends.yyy]
        [backends.yyy.servers.yyy]
            url = "http://192.168.1.9:4430"
        [backends.zzz.servers.zzz]
            url = "http://192.168.1.9:8000"
We see we have 2 Front-Ends, one with one URL and the other with 2 and we have 3 backend servers
For each Front-End "Server" we need a Back-End "Application/Service"
When a request comes in for zzz.harvest.com (Front-End server) the request is forwarded to backend "zzz" which URL is "http://192.168.1.9:8000"

That's all Folks !
 
M

MrDoob

Guest
do you create the category for it or should I do that quickly?
 

TUDJA

Junior Member
Patron
Great job and very interesting! But I'm a little lazy and I'll wait for it to be "automated" in the next version ;)

If this function is integrated, will we be able to match each domain with a specific wordpress instance? :unsure:
 

plex_noob

Senior Member
Staff
Donor
No, no time left for the moment to work on that. You can try.
 

nachobel

Senior Member
Staff
Donor
How should I set up my second domain in Cloudflare to get this working? I have two domains, one is for Plex (e.g., nachoplex.com) and all the PG apps, and the other I just want to use with a Wordpress installation on the same computer (e.g., nachoblog.com). The Wordpress is accessible at, e.g., blog.nachoplex.com, but I want it accessible just from the different TLD. Is this possible?
 

plex_noob

Senior Member
Staff
Donor
Did you read the post ? This is exactly what is explained.
 

nachobel

Senior Member
Staff
Donor
Yes I did, thanks for the data. I didn't see where it talked about how to set up your DNS/Rules on Cloudflare, but I'll look again. Thanks again!
 

Admin9705

Administrator
Project Manager
team, this is not a focus for pg and exceeds the scope of the program. pg focuses on the 95 percent solution for most. lots of programming and work arounds have to be built in for a 1% use :D
 

sconnery

Respected Member
Moderator
FreeLancer
Donor
can we configure it , to have mulitple domains using different containers as the top level ?
 

sconnery

Respected Member
Moderator
FreeLancer
Donor
@plex_noob the data in my toml file is a different format, if I change it to yours it breaks,
I am using cloudflare and am trying numerous formats . also wont reference the servers.toml file (your guide said mkdir) not file though.
will let you know if I succed but any tips may help.
 

sconnery

Respected Member
Moderator
FreeLancer
Donor
@plex_noob the data in my toml file is a different format, if I change it to yours it breaks,
I am using cloudflare and am trying numerous formats . also wont reference the servers.toml file (your guide said mkdir) not file though.
will let you know if I succed but any tips may help.
Fixed this was a directory change to match the traefik container and not the root os
 

sconnery

Respected Member
Moderator
FreeLancer
Donor
anyone have any examples of opt/appdata/traefik/servers.toml as i have been playing the variables for a few hours and still only getting error 404 on my secondary domain
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.


Development Donations

 

Top NZB NewsGroups!

Members - Up To a 58% Discount!

Trending

Online statistics

Members online
13
Guests online
99
Total visitors
112
Top