Configure Traefik for wildcard SSL certificates

- Add DNS resolvers (1.1.1.1, 8.8.8.8) to traefik.yml for faster DNS challenge - Create wildcard-cert.yml to request *.kelinreij.duckdns.org certificate - Add comprehensive setup documentation for wildcard certificates - Update to use production Let's Encrypt email This configuration will automatically request a wildcard certificate covering all subdomains once the Let's Encrypt rate limit resets (Feb 13, 2026 at 21:33 UTC), eliminating the need for individual per-service certificates.
2026-02-12 17:55:42 -05:00
parent 82b34fd2b7
commit 9454b3862e
3 changed files with 122 additions and 1 deletions
--- a/docker-compose/core/traefik/traefik.yml
+++ b/docker-compose/core/traefik/traefik.yml
@@ -27,13 +27,16 @@ entryPoints:
 certificatesResolvers:
  letsencrypt:
    acme:
-      email: ${DEFAULT_EMAIL}  # Your email for Let's Encrypt notifications
+      email: kelinshomelab@gmail.com  # Your email for Let's Encrypt notifications
      caServer: https://acme-v02.api.letsencrypt.org/directory  # Use staging for testing
      storage: /letsencrypt/acme.json
      # DNS challenge - For wildcard certificates (*.yourdomain.duckdns.org)
      # Works with DuckDNS - requires DUCKDNS_TOKEN in environment
      dnsChallenge:
        provider: duckdns
+        resolvers:
+          - "1.1.1.1:53"
+          - "8.8.8.8:53"

 providers:
  docker: