From bf3a47016d7963405be02b3cdc9c0745eff0f5f2 Mon Sep 17 00:00:00 2001
From: Simon Milvert <simon@milvert.com>
Date: Tue, 29 Oct 2019 20:45:42 +0100
Subject: [PATCH] First working https

---
 docker-compose.yml | 17 ++++++++++++-----
 traefik.yml        | 10 +++++++---
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index ec492ff..270bb03 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -79,8 +79,9 @@ services:
       - "traefik.enable=true"
       - "traefik.http.routers.whoami.rule=Host(`whoami.${DOMAIN}`)"
       - "traefik.http.routers.whoami.entrypoints=web"
-      - "traefik.http.routers.whoami.entrypoints=web-secure"
-      - "traefik.http.routers.whoami.tls.certresolver=sample"
+      - "traefik.http.routers.whoami-secure.entrypoints=web-secure"
+      - "traefik.http.routers.whoami-secure.rule=Host(`whoami.${DOMAIN}`)"
+      - "traefik.http.routers.whoami-secure.tls.certresolver=default"
 
   mqtt:
     image: eclipse-mosquitto:1.6.7
@@ -157,19 +158,25 @@ services:
     ports:
       # The HTTP port
       - "80:80"
+      - "443:443"
       - "8080:8080"
     volumes:
       # So that Traefik can listen to the Docker events
       - /var/run/docker.sock:/var/run/docker.sock
       - ./traefik.yml:/etc/traefik/traefik.yml
       - ./static_config.yml:/etc/traefik/static_config.yml
-      - ./acme.json:/acme.json
-      - "./letsencrypt:/letsencrypt"
-
+        #      - "./log.json:/etc/traefik/log.json"
+        #      - "./traefik/acme.json:/acme.json"
+    dns:
+      - 8.8.8.8
 
     labels:
       - "traefik.http.routers.traefik.rule=Host(`tr.${DOMAIN}`)"
       - "traefik.http.routers.traefik.entrypoints=web"
+      - "traefik.http.routers.traefik-secure.entrypoints=web-secure"
+      - "traefik.http.routers.traefik-secure.rule=Host(`tr.${DOMAIN}`)"
+      - "traefik.http.routers.traefik-secure.tls.certresolver=default"
+      - "traefik.http.routers.traefik-secure.tls=true"
       - "traefik.http.services.traefik-service.loadbalancer.server.port=8080"
       - "traefik.enable=true"
 
diff --git a/traefik.yml b/traefik.yml
index c6702f0..a781b02 100644
--- a/traefik.yml
+++ b/traefik.yml
@@ -15,12 +15,16 @@ providers:
     filename: "/etc/traefik/static_config.yml"
     watch: true
 
+log:
+  level: DEBUG
+  #  filePath: /etc/traefik/log.json
+  # format: json
 
 certificatesResolvers:
-  sample:
+  default:
     acme:
       email: simon@milvert.com
-      storage: acme.json
+      storage: "acme.json"
       httpChallenge:
         # used during the challenge
         entryPoint: web
@@ -29,7 +33,7 @@ certificatesResolvers:
 entryPoints:
   web:
    address: ":80"
-  web-sercure:
+  web-secure:
    address: ":443"
   mqtt:
    address: ":9001"