I'm using this config:
version: "3.3"
services:
traefik:
command:
# Get Docker as the provider
- "--providers.docker=true"
# Avoid that all containers are exposed
- "--providers.docker.exposedbydefault=false"
# Settle the ports for the entry points
- "--entrypoints.web.address=:80"
- "--entrypoints.web-secure.address=:443"
# Settle the autentification method to http challenge
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
# Uncomment this to get a fake certificate when testing
#- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
# Settle letsencrypt as the certificate provider
- "--certificatesresolvers.myhttpchallenge.acme.email=___________________
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
mysite:
labels:
# The labels are usefull for Traefik only
- "traefik.enable=true"
- "traefik.docker.network=traefik"
# Get the routes from http
- "traefik.http.routers.mysite.rule=Host(mysite.com, www.mysite.com)"
- "traefik.http.routers.mysite.entrypoints=web"
# Redirect these routes to https
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.mysite.middlewares=redirect-to-https@docker"
# Get the routes from https
- "traefik.http.routers.mysite-secured.rule=Host(mysite.com, www.mysite.com)"
- "traefik.http.routers.mysite-secured.entrypoints=web-secure"
# Apply autentificiation with http challenge
- "traefik.http.routers.mysite-secured.tls=true"
- "traefik.http.routers.mysite-secured.tls.certresolver=myhttpchallenge"
Everything works except https://www. I get an SSL error, then when I click proceed anyway, I get a error from traefik, 404 page not found. http://, https://, http://www all work, redirect to https://. But https://www does not work.
I tried a lot of suggestions, the regex middleware to no success. It's just the exact same results.
I needed to add backticks around the site name in the Host():
- "traefik.http.routers.mysite.rule=Host(`mysite.com`, `www.mysite.com`)"
- "traefik.http.routers.mysite-secured.rule=Host(`mysite.com`, `www.mysite.com`)"
Also, my deploy was wrong. Sometimes I was uploading the file ad-hoc, then manually running a post-receive hook which overwrites with an old version.