Hey friend,

Great question. You do not need a separate server for each domain. Set aside the Docker/SSL thing for a moment, these will make more sense in the context of the most basic function for achieving the desired result.

When a user visits your domain they hit your web server, so that is the first need. The web server can then be configured to return different content based on the domain that they visited. This is called a Virtual Host in Apache, or a Server Block in Nginx. Each virtual host/server block configured in the web server can represent a different domain, or subdomain (whatever you need/prefer).

So regardless of whether or not you are using Docker, or simply a standalone web server outside of any Docker containers which redirects flow based on the requested domain, that web server must be listening on port 443 (for SSL, port 80 for non-SSL) and must be configured to serve content for that domain.

Personally, I use Caddy and I reverse proxy to ports that I’ve exposed from my Docker containers as needed. I just enjoy the syntax, for example:

hostname.tld {
        proxy / http://127.0.0.1:9000 {
                transparent
        }
}

Then “hostname.tld” returns the app listening on port 9000. The next block could be a copy/paste of that with “hostname2.tld” and port 9001, for example.

This can be accomplished with the applications of your choice, and there are many to choose from. I’m sure Traefik can accomplish this fine as well, it’s just not part of my personal workflow so it may require input from someone else.

Jarland

I ended up using Nginx Proxy by JWilder + LetsEncrypt Nginx Companion by jrcs

I understand everything you have said but I have a question about ssl.

Where would I apply my certs?
Can I have 1 cert on caddy for all domains?(I’m guessing not)
If I have ssl enabled from the container level, how would I handle containers for subdomains? I’m guessing they would use the same cert correct?