Unable to deploy docker image with HTTPS SSL certificate

Contents of .env

# .env
FRAPPE_SITE_NAME_HEADER=erp.site.com # don't know if this is necessary, but since the instructions say that SITE_NAME must be set, it has been set to the domain name

Generate YAML

docker compose -f compose.yaml \
  -f overrides/compose.mariadb.yaml \
  -f overrides/compose.redis.yaml \
  -f overrides/compose.https.yaml \
  config > ~/gitops/docker-compose.yml

Start containers

docker compose --project-name site -f ~/gitops/docker-compose.yml up -d

Setup new site

docker-compose exec backend bench new-site erp.site.com --no-mariadb-socket --mariadb-root-password 123 --admin-password admin --install-app erpnext

The installation succeeds and ERP is accessible via HTTPS, but traefik is only deploying a self-signed certificate, not LetsEncrypt.

What am I doing wrong?

can you share this file?

latest changes will need you to set SITES environment variable

I got one instance to work with SSL successfully. Now I am trying to get multiple instances of ERP to work with SSL.

All the instances show up in Traefik but the SSL certificates are not being issued.

update the SITES variable again with list of sites quoted in ` and separated by ,


labels need to change

I got multiple instances to work as well but there is a limitation. I cannot have aliases to the same instance.

For example, if I intend to point erp.site1.com and erp.site2.com to the same instance, Traefik does not deploy the SSL certificate. The SITE var, as you advised, has to be set to a single domain only, or it will not deploy the certificate.

Is this intended? Will I be able to point both erp.site1.com as well as erp.site2.com with SSL to the same instance?

you can add one more frontend container and label it to serve some sites.

that frontend can override frappe site name header and set existing site to be served, labels can specify new domain to create certificate for

1 Like