What could be the best way to issue missing Let's Encrypt certificates automatically?

I have a Traefik 2.9 proxy that works for multiple Docker containers for multiple domain names. The ACME HTTP challenge is set up for all my domains.

I want to add a new domain to work with Let's Encrypt:

    s3.mydomain.com

How can I solve this in a smart way?

What I do now is:

    rm acme.json
    docker compose -f docker/docker-compose-prod.yml -p traefik up --build --force-recreate -d --remove-orphans
    chmod 777 acme.json

I think this is not smart.

Do I really need to delete acme.json? Do I really need to restart Traefik?

I would expect Traefik to handle everything automatically somehow.
Is there a smarter/more clever way?

My traefik config:

    entryPoints:
      web:
        address: ":80"
      websecure:
        address: ":443"
    providers:
      docker:
        endpoint: "unix:///var/run/docker.sock"
        exposedByDefault: false
        watch: true
    certificatesResolvers:
      myresolver:
        acme:
          email: myemail@gmail.com
          storage: acme.json
          caServer: "https://acme-v02.api.letsencrypt.org/directory"
          httpChallenge:
            entryPoint: web

Traefik labels for one of my containers (it is similar for all other containers):

    labels:
      - traefik.enable=true
      - traefik.docker.network=traefik_proxy
      - traefik.http.routers.api-community.entrypoints=web
      - traefik.http.routers.api-community.rule=Host(`${API_PUBLIC_URL}`, `${ADMIN_PUBLIC_URL}`)
      - traefik.http.routers.api-community.middlewares=api-community-https-redirect
      - traefik.http.routers.api-community-secure.entrypoints=websecure
      - traefik.http.routers.api-community-secure.rule=Host(`${API_PUBLIC_URL}`, `${ADMIN_PUBLIC_URL}`)
      - traefik.http.routers.api-community-secure.tls=true
      - traefik.http.routers.api-community-secure.tls.certresolver=myresolver
      - traefik.http.routers.api-community-secure.service=php-nginx-community
      - traefik.http.middlewares.api-community-https-redirect.redirectscheme.scheme=https
drmax24
  • Did you find a solution? I'm trying to get my hands on Docker/Traefik and got a working domain with an SSL cert (example.com), but now I also want an SSL cert for the subdomain www.example.com. Didn't get it to work. Deleted acme.json, recreated the container, but I only get the default cert for my non-www domain example.com. – Heiko K. Apr 29 '23 at 11:16
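
A read-only check for the situation in the question, added here as an example and not part of the original post: it lists router host names that have no certificate in acme.json yet and flags a file mode looser than 600. The acme.json layout (resolver name, then `Certificates`, then `domain.main` and `domain.sans`) is assumed from Traefik v2, and the router names and the `api`/`admin` host names in `demo()` are constructed.

```python
import json, os, re, stat, tempfile

def domains_from_labels(labels):
    """Host names in Host(`a`, `b`) rules of routers that set tls.certresolver."""
    rules, with_resolver = {}, set()
    for label in labels:
        key, _, value = label.partition("=")
        m = re.match(r"traefik\.http\.routers\.([^.]+)\.(.+)", key.strip())
        if not m:
            continue
        router, option = m.group(1), m.group(2).lower()
        if option == "tls.certresolver":
            with_resolver.add(router)
        elif option == "rule":
            args = " ".join(re.findall(r"Host\(([^)]*)\)", value))
            rules[router] = set(re.findall(r"`([^`]+)`", args))
    return set().union(*(rules.get(r, set()) for r in with_resolver))

def domains_in_store(path, resolver):
    """Main names and SANs stored for one resolver (assumed Traefik v2 layout)."""
    with open(path) as fh:
        certs = (json.load(fh).get(resolver) or {}).get("Certificates") or []
    covered = set()
    for cert in certs:
        domain = cert.get("domain") or {}
        covered.update(filter(None, [domain.get("main"), *(domain.get("sans") or [])]))
    return covered

def audit(path, resolver, labels):
    mode = stat.S_IMODE(os.stat(path).st_mode)
    missing = domains_from_labels(labels) - domains_in_store(path, resolver)
    # acme.json holds private keys; Traefik's documentation uses chmod 600 for it.
    return {"mode": oct(mode), "mode_ok": mode & 0o177 == 0, "missing": sorted(missing)}

def demo():
    # Constructed sample: one stored certificate; the s3 router has none yet.
    store = {"myresolver": {"Certificates": [
        {"domain": {"main": "api.mydomain.com", "sans": ["admin.mydomain.com"]}}]}}
    prefix = "traefik.http.routers."
    labels = [prefix + "api.rule=Host(`api.mydomain.com`, `admin.mydomain.com`)",
              prefix + "api.tls.certresolver=myresolver",
              prefix + "s3.rule=Host(`s3.mydomain.com`)",
              prefix + "s3.tls.certresolver=myresolver"]
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "acme.json")
        with open(path, "w") as fh:
            json.dump(store, fh)
        os.chmod(path, 0o777)  # the mode used in the question
        return audit(path, "myresolver", labels)
```

Calling `audit()` on the real acme.json with the labels from the compose file shows whether a new host such as s3.mydomain.com is simply absent from the store, without deleting anything.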
