The most simple use case is to deploy Meli on a single VPS, or have it co-exist with other containers on a VPS by giving it its own IP (failover). It will make your life a lot easier. In particular, it will save you the hassle of managing your SSL certificates.
Branch SSL certificates are not supported at the moment because you would need to generate a wildcard certificate for each site. We will be fixing this soon. Custom domain SSL certificate management is also your responsibility.
Meli by default uses Caddy's automatic HTTPS support to deploy with Let's Encrypt certificates for your configured domain. However, deployment behind a reverse proxy is supported, but you will need to handle SSL certificate issuance and renewal on your own - you will want to get a wildcard SSL certificate instead. We assume you have followed the installation guide.
The following needs to be done in your
- Make sure
MELI_URLis set to have
httpsas it's scheme
- Change the ports
- Add the environment variable
MELI_HTTPS_AUTO: 0to stop automatic provisioning of SSL certificates
Depending on your setup, you may choose to setup wildcard certificates from Let's Encrypt on your own. This can be done by using certbot:
You will also have to generate wildcard certificates for site branches. We plan to simplify this process.
Please change the domain names to reflect your setup.
Domains are enclosed within quotes to avoid shell errors.
Certbot will let you know that you need to setup
TXT records with your DNS provider, and upon doing so your certificates will be generated. This process can also be automated using plugins. Check out this page from Certbot docs to see if there is a compatible plugin for your DNS provider.
If you are deploying Meli to a server that is running Nginx, you may use the following configuration file as a starting point.
Branches are not supported at the moment because you would need to generate a wildcard certificate for each site. We'll be fixing this soon.
To deploy Meli behind a Traefik reverse proxy, you'll need to:
- define a DNS challenge certificate resolver
- configure Traefik for Meli so that it generates wildcard certificates
- disable Meli's default HTTPs configuration to delegate it to Traefik. This is done by setting
Here is an example using the OVH DNS challenge provider: