From 4b6c388ed97a746343bef58ab586e4e7fc07fd90 Mon Sep 17 00:00:00 2001
From: Ian Fijolek <ian@iamthefij.com>
Date: Thu, 28 Jul 2022 15:11:24 -0700
Subject: [PATCH] Traefik wildcard certs

---
 nomad/traefik/traefik.nomad | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/nomad/traefik/traefik.nomad b/nomad/traefik/traefik.nomad
index 9168c59..cc66bdf 100644
--- a/nomad/traefik/traefik.nomad
+++ b/nomad/traefik/traefik.nomad
@@ -106,6 +106,8 @@ job "traefik" {
     [entryPoints.websecure.http.tls]
     << if keyExists "traefik/acme/email" ->>
       certResolver = "letsEncrypt"
+      [[entryPoints.websecure.http.tls.domains]]
+        main = "*.<< keyOrDefault "global/base_hostname" "${var.base_hostname}" >>"
     << end ->>
 
   [entryPoints.metrics]
@@ -137,7 +139,7 @@ job "traefik" {
 << if keyExists "traefik/acme/email" ->>
 [certificatesResolvers.letsEncrypt.acme]
   email = "<< key "traefik/acme/email" >>"
-  storage = "acme.json"
+  storage = "/secrets/acme.json"
   [certificatesResolvers.letsEncrypt.acme.dnsChallenge]
     provider = "cloudflare"
     resolvers = ["1.1.1.1:53", "8.8.8.8:53"]