Issuing certs directly to Traefik?

Ok, I just enabled TLS cert provisioning for my Tailnet. Looks like you guys are issuing LetsEncrypt using standard DNS challenges, which is great. That’s how I’m doing it now on my Traefik instances, with the DNS Made Easy module.

If you’re unaware, you just throw your Traefik container a couple of extra environment variables like this (samples from one of my docker-compose files):

      - DNSMADEEASY_API_KEY=[redacted]
      - DNSMADEEASY_API_SECRET=[redacted]

Is there any analogous way to do this directly with tailscale? Further, how would I handle multiple services on a single host? Like say I’ve got host1, that I’d like to have expose multiple apps like,, etc.? I find myself wondering how/where I’d go to create those app[1…] mappings back to host1. Or is this all pie-in-the-sky and I should be trotting off to GitHub and filing Issue tickets?