micw/README.md

## README.md

      
    Raw
  

              README.md
            
          
    I have created an easier, well documented version of this in my blog at https://blog.wyraz.de/linux/deploying-rancher-server-standalone-behind-traefik-with-lets-encrypt-for-both/

  
## traefik-acme-passthrough.toml
# This is an example how to pass acme challenges to a backend of a particular domain while
# all other acme challenges are solved by traefik
# Tested with traefik 1.7.7

# How it works:
# - an entry point listens at 81 which is used for traefik's acme. This port is not exposed
# - a default rule for /.well-known/acme-challenge/ is added for the http entry point. It has a priority of 1000
#   and forwards acme requests to localhost:81 where traefik accepts acme challenges
# - for a particular domain, a rule with higher priority is added, so this domain's acme challenges are not sent to
#   traefik

# Note: to make traefik issue certs automatically (via onHostRule), it is necessary that the rule is bound to the "acme"
#       entrypoint (see https://github.com/containous/traefik/issues/3918)

[entryPoints]
  [entryPoints.http]
  address = ":80"
  [entryPoints.acme]
  address = ":81"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

[acme]

email = "test@traefik.io"
storage = "acme.json"
entryPoint = "https"

[acme.httpChallenge]
  entryPoint = "acme"

[file]

[backends]

  [backends.acme]

    [backends.acme.servers]
      [backends.acme.servers.server0]
        url = "http://127.0.0.1:81/"

  [backends.backend1]

    [backends.backend1.servers]
      [backends.backend1.servers.server0]
        url = "https://ifconfig.io/"


[frontends]

  [frontends.acme]
    entryPoints = ["http"]
    backend = "acme"
    passHostHeader = true
    priority = 1000

    [frontends.acme.routes]
      [frontends.acme.routes.route0]
        rule = "PathPrefix:/.well-known/acme-challenge/"

  [frontends.frontend1]
    entryPoints = ["http"]
    backend = "backend1"
    passHostHeader = false
    priority = 1001

    [frontends.frontend1.routes]
      [frontends.frontend1.routes.route0]
        rule = "Host:127.0.0.1.xip.io"
        priority = 1001
	# This is an example how to pass acme challenges to a backend of a particular domain while
	# all other acme challenges are solved by traefik
	# Tested with traefik 1.7.7

	# How it works:
	# - an entry point listens at 81 which is used for traefik's acme. This port is not exposed
	# - a default rule for /.well-known/acme-challenge/ is added for the http entry point. It has a priority of 1000
	# and forwards acme requests to localhost:81 where traefik accepts acme challenges
	# - for a particular domain, a rule with higher priority is added, so this domain's acme challenges are not sent to
	# traefik

	# Note: to make traefik issue certs automatically (via onHostRule), it is necessary that the rule is bound to the "acme"
	# entrypoint (see https://github.com/containous/traefik/issues/3918)

	[entryPoints]
	[entryPoints.http]
	address = ":80"
	[entryPoints.acme]
	address = ":81"
	[entryPoints.https]
	address = ":443"
	[entryPoints.https.tls]

	[acme]

	email = "test@traefik.io"
	storage = "acme.json"
	entryPoint = "https"

	[acme.httpChallenge]
	entryPoint = "acme"

	[file]

	[backends]

	[backends.acme]

	[backends.acme.servers]
	[backends.acme.servers.server0]
	url = "http://127.0.0.1:81/"

	[backends.backend1]

	[backends.backend1.servers]
	[backends.backend1.servers.server0]
	url = "https://ifconfig.io/"


	[frontends]

	[frontends.acme]
	entryPoints = ["http"]
	backend = "acme"
	passHostHeader = true
	priority = 1000

	[frontends.acme.routes]
	[frontends.acme.routes.route0]
	rule = "PathPrefix:/.well-known/acme-challenge/"

	[frontends.frontend1]
	entryPoints = ["http"]
	backend = "backend1"
	passHostHeader = false
	priority = 1001

	[frontends.frontend1.routes]
	[frontends.frontend1.routes.route0]
	rule = "Host:127.0.0.1.xip.io"
	priority = 1001