Chapter 1: Custom Domains¶
Progress Indicator¶
Module 3: Going Live
├─ Chapter 1: Custom Domains ← YOU ARE HERE
├─ Chapter 2: Environment Secrets
└─ Chapter 3: Monitoring & Logs
Learning Objectives¶
By the end of this chapter, you will: - Understand DNS concepts and how domains work - Configure DNS records for your domain - Connect your domain to your EgyGeeks application using Traefik - Test and verify your domain configuration
Prerequisites¶
- A domain registered with any registrar (GoDaddy, Namecheap, etc.)
- An application already deployed and running
- Access to your domain registrar's control panel
- Your application's public IP address or CNAME target
Step 1: Understand DNS Basics¶
What is DNS?¶
DNS (Domain Name System) translates human-readable domain names into IP addresses. When someone visits myapp.com, DNS tells their browser where to find your application.
DNS Record Types¶
For connecting your domain to EgyGeeks, you'll use:
| Record Type | Purpose | Example |
|---|---|---|
| A Record | Points domain to IP address | myapp.com → 192.168.1.100 |
| CNAME Record | Points domain to another domain | www.myapp.com → myapp.com |
| MX Record | Mail server configuration | For email services |
Step 2: Get Your Application's Target¶
Find Your Public IP or CNAME¶
First, determine what your DNS record should point to. This depends on your deployment:
If using a cloud provider (AWS, Linode, DigitalOcean):
If using a load balancer or reverse proxy:
Quick Check¶
# Test your application is accessible at its current address
curl http://<your-ip-or-host>
# You should see your application responding
Step 3: Configure DNS Records¶
Access Your Domain Registrar¶
- Log in to your domain registrar (GoDaddy, Namecheap, Cloudflare, etc.)
- Find the DNS or Name Servers section
- Look for DNS Records or Zone File management
Add DNS Records¶
For the root domain (myapp.com):
Using an A Record: - Type: A - Name/Host: @ or leave blank - Value: Your application's IP address - TTL: 3600 (1 hour) - can be changed later
For www subdomain (www.myapp.com):
Using a CNAME Record: - Type: CNAME - Name/Host: www - Value: myapp.com - TTL: 3600
DNS Configuration Example¶
Domain: myapp.com
Registrar: Namecheap
Records:
┌─────────────┬──────────┬───────────────────┐
│ Type │ Name │ Value │
├─────────────┼──────────┼───────────────────┤
│ A │ @ │ 192.0.2.10 │
│ CNAME │ www │ myapp.com │
└─────────────┴──────────┴───────────────────┘
Step 4: Configure Traefik Labels¶
Traefik is the reverse proxy that handles routing to your application. You need to add labels to tell Traefik about your domain.
Update docker-compose.yml¶
Add these labels to your application service:
services:
myapp:
image: your-image:latest
labels:
# Enable Traefik for this service
- "traefik.enable=true"
# HTTP routing
- "traefik.http.routers.myapp.rule=Host(`myapp.com`) || Host(`www.myapp.com`)"
- "traefik.http.routers.myapp.entrypoints=web"
# Port where your app listens
- "traefik.http.services.myapp.loadbalancer.server.port=3000"
# HTTPS/SSL (we'll configure this next)
- "traefik.http.routers.myapp-secure.rule=Host(`myapp.com`) || Host(`www.myapp.com`)"
- "traefik.http.routers.myapp-secure.entrypoints=websecure"
- "traefik.http.routers.myapp-secure.tls.certresolver=letsencrypt"
- "traefik.http.services.myapp-secure.loadbalancer.server.port=3000"
Full docker-compose.yml Example¶
version: '3.8'
services:
traefik:
image: traefik:v2.10
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=your-email@example.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./acme.json:/acme.json
networks:
- web
myapp:
image: your-image:latest
expose:
- 3000
networks:
- web
labels:
- "traefik.enable=true"
- "traefik.http.routers.myapp.rule=Host(`myapp.com`) || Host(`www.myapp.com`)"
- "traefik.http.routers.myapp.entrypoints=web"
- "traefik.http.routers.myapp.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.myapp-secure.rule=Host(`myapp.com`) || Host(`www.myapp.com`)"
- "traefik.http.routers.myapp-secure.entrypoints=websecure"
- "traefik.http.routers.myapp-secure.tls.certresolver=letsencrypt"
- "traefik.http.services.myapp.loadbalancer.server.port=3000"
networks:
web:
driver: bridge
Step 5: Deploy with Updated Configuration¶
Apply the Changes¶
# Stop the current deployment
docker-compose down
# Start with the new configuration
docker-compose up -d
# Check Traefik is running
docker-compose logs traefik
Wait for DNS Propagation¶
DNS changes take time to propagate globally (usually 24-48 hours, but can be immediate):
# Check if your domain is resolving
nslookup myapp.com
# or
dig myapp.com
# Should show your IP address
Step 6: Verify Your Configuration¶
Test HTTP Access¶
# Test your domain (may take time to propagate)
curl http://myapp.com
# Test www subdomain
curl http://www.myapp.com
# Follow redirects to see HTTPS
curl -L http://myapp.com
Check Traefik Dashboard¶
You should see: - Your router rules for myapp.com and www.myapp.com - Status showing "200 OK" - SSL certificates being issued
Browser Test¶
Open your browser and navigate to: - http://myapp.com - Should load your application - https://myapp.com - Should work (after SSL certificate is issued) - https://www.myapp.com - Should also work
Troubleshooting¶
Domain Not Resolving¶
Problem: nslookup myapp.com returns "server can't find"
Solutions: - Wait longer for DNS propagation (up to 48 hours) - Check registrar dashboard - confirm A record is set - Clear local DNS cache:
Connection Refused¶
Problem: curl http://myapp.com returns "Connection refused"
Solutions: - Verify application is running: docker-compose ps - Check port 80 is not blocked by firewall - Verify Traefik is running: docker logs traefik-container-name - Check service name matches in docker-compose
SSL Certificate Not Issued¶
Problem: Browser shows "SSL certificate not found"
Solutions: - Wait 5-10 minutes for Let's Encrypt to issue certificate - Check Traefik logs: docker-compose logs traefik - Verify email in Traefik configuration is correct - Check acme.json file exists and is writable: ls -l acme.json
Traefik Labels Not Applied¶
Problem: Domain shows no route in Traefik dashboard
Solutions: - Restart the service: docker-compose restart myapp - Verify labels are in docker-compose.yml with correct indentation - Check labels syntax - use backticks not quotes for domains - Restart Traefik: docker-compose restart traefik
AI Prompts for This Lesson¶
Domain DNS Configuration¶
Generate DNS Records
I'm setting up a custom domain for my EgyGeeks deployment.
My domain: [yourdomain.com]
My app is deployed at IP: 50.3.85.110
I want both root domain and www subdomain to work.
Generate the complete DNS configuration:
1. A records for root domain
2. CNAME records for www subdomain
3. Any required TXT records for verification
Also explain:
- Expected DNS propagation time
- How to verify DNS is working
- Commands to test DNS resolution
Multi-Domain Setup
I want to host multiple applications on the same server.
Server IP: 50.3.85.110
Domains:
- myapp.com → app service (port 3000)
- api.myapp.com → api service (port 8000)
- admin.myapp.com → admin service (port 4000)
Generate:
1. DNS records for all three domains
2. Complete docker-compose.yml with Traefik labels
3. SSL/HTTPS configuration for each domain
Traefik Configuration¶
Generate Traefik Labels
Help me configure Traefik for my application.
Domain: [yourdomain.com]
Application port: [3000]
Technology: [Node.js/Python/etc]
Generate Traefik labels for:
1. HTTP routing (both root and www)
2. HTTPS/SSL with Let's Encrypt
3. HTTP to HTTPS redirect
4. Port configuration
Include the complete docker-compose.yml service configuration.
Subdomain Routing
I need to route different subdomains to different services.
Setup:
- app.egygeeks.com → main app (port 3000)
- api.egygeeks.com → API server (port 8000)
- docs.egygeeks.com → documentation (port 8080)
All should:
- Use SSL/HTTPS
- Redirect HTTP to HTTPS
- Auto-renew certificates
Generate the complete Traefik configuration.
SSL Certificate Troubleshooting¶
SSL Certificate Not Working?
My custom domain shows SSL errors.
Domain: [yourdomain.com]
Server IP: 50.3.85.110
Output from `docker compose logs traefik | grep letsencrypt`:
[paste logs here]
My Traefik labels from docker-compose.yml:
[paste your labels here]
Browser error:
[describe the SSL error message]
Help me fix the SSL certificate issue. What could be wrong?
Domain Not Resolving?
Connection Issues¶
Connection Refused Error
Getting "Connection refused" when accessing my domain.
Domain: [yourdomain.com]
DNS resolves to: [IP from nslookup]
Expected IP: 50.3.85.110
Output from `docker-compose ps`:
[paste output]
Output from `docker-compose logs traefik | tail -50`:
[paste logs]
Output from `curl http://50.3.85.110`:
[paste output]
What could be blocking the connection?
Test Domain Configuration
I've configured my domain but want to verify everything is correct.
Domain: [yourdomain.com]
Server IP: 50.3.85.110
Generate a complete testing checklist:
1. DNS resolution tests
2. HTTP/HTTPS connectivity tests
3. SSL certificate verification
4. Redirect testing (HTTP → HTTPS)
5. www vs non-www testing
Include all commands I should run.
What's Next¶
Congratulations! Your domain is now connected. Next, you need to:
→ Chapter 2: Environment Secrets
Learn how to securely manage environment variables and sensitive data like API keys, database passwords, and authentication tokens.
Help & Support¶
- DNS Issues? Most domain-related problems are DNS propagation delays
- Traefik Questions? Check the Traefik documentation: https://doc.traefik.io/
- Still Stuck? Check our troubleshooting guide or contact support
Need clarification on any step? Feel free to ask in the community forums or check the FAQ section.