Guides HOWTO: Configure traefik to handle multiple domain names

plex_noob

Senior Member
Original poster
Staff
Donor
Local time
10:16 AM
Oct 1, 2018
223
105
Brussels
Traefik is capable of handling the requests for different domain names.
There are also multiple ways to tell Traefik how to handle incoming requests.

In PG, everything relies on labels configured at the container level. Traefik relies on those labels to decide where the traffic needs to go.
In PG, the configuration is located in a single file /opt/appdata/traefik/traefik.toml

This is the original (PG) Traefik configuration file:

Code:
insecureskipverify = true

logLevel = "WARN"

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
  #[entryPoints.http.redirect]
  #  entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
    MinVersion = "VersionTLS12"
    CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"]
  [entryPoints.monitor]
  address = ":8081"

[retry]

[acme]
acmeLogging = true
email = "[email protected]"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
  [acme.dnsChallenge]
    provider = "cloudflare"
    delayBeforeCheck = 30

[[acme.domains]]
  main = "*.project.com"
  sans = ["project.com"]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "project.com"
watch = true
exposedbydefault = false
network = "plexguide"
As we can see, currently Traefik is configured to handle all requests for a single domain name: project.com.
Let's tell to Traefik to handle an additional domain:


[[acme.domains]]
main = "*.project.com"
sans = ["project.com"]



Becomes


[[acme.domains]]
main = "*.project.com"
sans = ["project.com"]
[[acme.domains]]
main = "*.harvest.com"
sans = ["harvest.com"]


Restarting traefik container will force it to request the additional keys for the new domain. You can check if everything went ok by opening the file /opt/appdata/traefik/acme/acme.json. You should see the keys for the 2 domains now.

In order to handle multiple domains, we need to use another technique (Front-end/Back-end). But before proceeding, we should separate the fix part of the configuration from the more dynamic one and though create an additional file where we will put the configuration of the different front-end and back-end.
In order to ease the management of the different Front-Ends and Back-Ends aside of the docker container configuration, it is advisable put everything in a separate file that Traefik will monitor for changes the same way it does for docker containers.

Let's create a additional file file servers.toml,
mkdir -p /opt/appdata/traefik/servers.toml

Let's insert in the main file a reference to the new servers.toml file. This to be sure, when a request arrives, Traefik will check both the container labels but also the servers.toml file.

[file]
watch = true
filename = "/opt/appdata/traefik/servers.toml"



The final main configuration file should look like this:

Code:
insecureskipverify = true

logLevel = "WARN"

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
  #[entryPoints.http.redirect]
  #  entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
    MinVersion = "VersionTLS12"
    CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"]
  [entryPoints.monitor]
  address = ":8081"

[retry]

[acme]
acmeLogging = true
email = "[email protected]"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
  [acme.dnsChallenge]
    provider = "cloudflare"
    delayBeforeCheck = 30
[[acme.domains]]
  main = "*.project.com"
  sans = ["project.com"]
[[acme.domains]]
  main = "*.harvest.com"
  sans = ["harvest.com"]

[file]
  watch = true
  filename = "/opt/appdata/traefik/servers.toml"

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "project.com"
watch = true
exposedbydefault = false
network = "plexguide"
Now, we need to add the new Front-Ends and Back-Ends in the servers.toml file.
nano /opt/appdata/traefik/servers.toml

Let's paste the following code

Code:
loglevel = "ERROR"

[frontends]
    [frontends.xxx]
        backend = "xxx"
        [frontends.xxx.routes.domain]
            rule = "Host:xxx.project.com"
    [frontends.yyy]
        backend = "yyy"
        [frontends.yyy.routes.domain]
            rule = "Host:yyy.harvest.com"
    [frontends.yyy]
        backend = "zzz"
        [frontends.zzz.routes.domain]
            rule = "Host:zzz.harvest.com"

[backends]
    [backends.xxx]
        [backends.xxx.servers.xxx]
            url = "http://192.168.1.1:8100"
    [backends.yyy]
        [backends.yyy.servers.yyy]
            url = "http://192.168.1.9:4430"
        [backends.zzz.servers.zzz]
            url = "http://192.168.1.9:8000"
We see we have 2 Front-Ends, one with one URL and the other with 2 and we have 3 backend servers
For each Front-End "Server" we need a Back-End "Application/Service"
When a request comes in for zzz.harvest.com (Front-End server) the request is forwarded to backend "zzz" which URL is "http://192.168.1.9:8000"

That's all Folks !
 

DeadPool

Senior Member
Moderator
Local time
8:16 AM
May 2, 2018
151
31
great work.wow
 

TUDJA

Junior Member
Patron
Local time
10:16 PM
Oct 6, 2018
11
1
Great job and very interesting! But I'm a little lazy and I'll wait for it to be "automated" in the next version ;)

If this function is integrated, will we be able to match each domain with a specific wordpress instance? :unsure:
 

plex_noob

Senior Member
Original poster
Staff
Donor
Local time
10:16 AM
Oct 1, 2018
223
105
Brussels
Yes it will be a question of configuration
 
  • Like
Reactions: TUDJA

plex_noob

Senior Member
Original poster
Staff
Donor
Local time
10:16 AM
Oct 1, 2018
223
105
Brussels
No, no time left for the moment to work on that. You can try.
 

nachobel

Senior Member
Staff
Donor
Local time
12:16 AM
Feb 2, 2019
140
33
How should I set up my second domain in Cloudflare to get this working? I have two domains, one is for Plex (e.g., nachoplex.com) and all the PG apps, and the other I just want to use with a Wordpress installation on the same computer (e.g., nachoblog.com). The Wordpress is accessible at, e.g., blog.nachoplex.com, but I want it accessible just from the different TLD. Is this possible?
 

plex_noob

Senior Member
Original poster
Staff
Donor
Local time
10:16 AM
Oct 1, 2018
223
105
Brussels
Did you read the post ? This is exactly what is explained.
 

nachobel

Senior Member
Staff
Donor
Local time
12:16 AM
Feb 2, 2019
140
33
Yes I did, thanks for the data. I didn't see where it talked about how to set up your DNS/Rules on Cloudflare, but I'll look again. Thanks again!
 
Assists Greatly with Development Costs

Admin9705

Administrator
Project Manager
Local time
3:16 AM
Jan 17, 2018
4,758
1,804
team, this is not a focus for pg and exceeds the scope of the program. pg focuses on the 95 percent solution for most. lots of programming and work arounds have to be built in for a 1% use :D
 

sconnery

Respected Member
Moderator
FreeLancer
Donor
Local time
7:16 PM
Jan 10, 2019
77
13
Sydney, Australia
@plex_noob the data in my toml file is a different format, if I change it to yours it breaks,
I am using cloudflare and am trying numerous formats . also wont reference the servers.toml file (your guide said mkdir) not file though.
will let you know if I succed but any tips may help.
 

sconnery

Respected Member
Moderator
FreeLancer
Donor
Local time
7:16 PM
Jan 10, 2019
77
13
Sydney, Australia
@plex_noob the data in my toml file is a different format, if I change it to yours it breaks,
I am using cloudflare and am trying numerous formats . also wont reference the servers.toml file (your guide said mkdir) not file though.
will let you know if I succed but any tips may help.
Fixed this was a directory change to match the traefik container and not the root os
 

sconnery

Respected Member
Moderator
FreeLancer
Donor
Local time
7:16 PM
Jan 10, 2019
77
13
Sydney, Australia
anyone have any examples of opt/appdata/traefik/servers.toml as i have been playing the variables for a few hours and still only getting error 404 on my secondary domain
 

kitefreakk

Noob
Local time
9:16 AM
Apr 18, 2019
1
0
so where do I put what? on the servers.toml file do i replace xxx ,yyy, zzz with the corresponding domains? Do we now have to manually add containers, or will the automation keep working for the first domain?

Maybe somebody knows :D!
 

mithandir

Junior Member
Local time
9:16 AM
Oct 8, 2019
4
1
Looking for the same.. I followed the guilde. One question : is the "mkdir" for servers.toml a typo? Since we want to make a file, not a directory, right ?
Anyway, when i restart traefik i get
"Error starting provider *acme.Provider: error reading configuration file: /opt/appdata/traefik/servers.toml - open /opt/appdata/traefik/servers.toml: no such file or directory"
But i'm pretty sure the file does exist :) Any idea ?
 

plex_noob

Senior Member
Original poster
Staff
Donor
Local time
10:16 AM
Oct 1, 2018
223
105
Brussels
You are right, it is a typo.
servers.toml should be located in the same directory as traefik.toml except if you specified it differently in traefik.toml.
Post automatically merged:

Here is an extract of a possible implementation

3 different servers:
  1. 192.168.1.1
  2. 192.168.1.9
  3. 192.168.1.10
Each server hosting a specific service:
  1. unraid web interface
  2. pi-hole web ui
  3. a default web site
Each server declared publicaly in a public DNS server with a public IP as:
  1. unraid.project.com
  2. pi.project.com,
  3. www.harvest.com

Code:
loglevel = "ERROR"

[frontends]
    [frontends.unraid]
        backend = "unraid"
        [frontends.unraid.routes.domain]
            rule = "Host:unraid.project.com"
    [frontends.pi]
        backend = "pi"
        [frontends.pi.routes.domain]
            rule = "Host:pi.projetc.com"
    [frontends.www]
        backend = "www"
        [frontends.www.routes.domain]
            rule = "Host:www.harvest.com"

[backends]
    [backends.unraid]
        [backends.unraid.servers.server1]
            url = "http://192.168.1.1:8080"
    [backends.pi]
        [backends.pi.servers.server1]
            url = "http://192.168.1.9"
    [backends.www]
        [backends.www.servers.servver1]
            url = "http://192.168.1.10"
 
Last edited:
  • Like
Reactions: Admin9705

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.


Maintenance Donations

 

Recommend NewsGroups

Trending