add support for Let's Encrypt DNS-01 challenge (for wildcard domains)
Start with support for the OVH provider, structured so that other providers can be added later: https://doc.traefik.io/traefik/https/acme/#dnschallenge
parent
8ff2f3a294
commit
2c81622d9a
|
@ -8,6 +8,11 @@ LETS_ENCRYPT_EMAIL=certs@example.com
|
||||||
# WARN, INFO etc.
|
# WARN, INFO etc.
|
||||||
LOG_LEVEL=WARN
|
LOG_LEVEL=WARN
|
||||||
|
|
||||||
|
## Enable dns challenge (for wildcard domains)
|
||||||
|
## https://doc.traefik.io/traefik/https/acme/#dnschallenge
|
||||||
|
#LETS_ENCRYPT_DNS_CHALLENGE_ENABLED=1
|
||||||
|
#LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER=ovh
|
||||||
|
|
||||||
## Enable Keycloak
|
## Enable Keycloak
|
||||||
#COMPOSE_FILE="compose.yml:compose.keycloak.yml"
|
#COMPOSE_FILE="compose.yml:compose.keycloak.yml"
|
||||||
#KEYCLOAK_MIDDLEWARE_ENABLED=1
|
#KEYCLOAK_MIDDLEWARE_ENABLED=1
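Review bot: The new sample block ending at `#LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER=ovh` does not mention the credentials the provider needs, so an operator who uncomments the two lines gets a DNS challenge with no API access and no hint why. The compose template in this commit forwards `OVH_APPLICATION_KEY`, `OVH_APPLICATION_SECRET`, `OVH_CONSUMER_KEY` and `OVH_ENDPOINT`; I would list them here as commented-out, empty entries under a comment such as `## OVH API credentials (secrets: keep the real .env out of version control)`. It is also worth stating in the comment that `ovh` is the only provider wired up so far. This file appears to be the sample env file, judging by the `certs@example.com` placeholder in the hunk header.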
|
||||||
|
|
|
@ -21,6 +21,14 @@ services:
|
||||||
environment:
|
environment:
|
||||||
- DASHBOARD_ENABLED
|
- DASHBOARD_ENABLED
|
||||||
- LOG_LEVEL
|
- LOG_LEVEL
|
||||||
|
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||||
|
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") "ovh" }}
|
||||||
|
- OVH_APPLICATION_KEY
|
||||||
|
- OVH_APPLICATION_SECRET
|
||||||
|
- OVH_CONSUMER_KEY
|
||||||
|
- OVH_ENDPOINT
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD", "traefik", "healthcheck"]
|
test: ["CMD", "traefik", "healthcheck"]
|
||||||
interval: 30s
|
interval: 30s
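Review bot: `OVH_APPLICATION_SECRET` and `OVH_CONSUMER_KEY` are passed to the Traefik container as plain environment variables, so anyone who can run `docker inspect` on the host or read the process environment can recover them. Traefik's ACME DNS providers generally accept a `_FILE` counterpart for these variables, so mounting the values as Docker secrets would keep them out of the container environment; please confirm against the provider documentation linked in the commit message. The OVH token should also be restricted to the DNS zone it has to edit, which deserves a comment next to the list. Separately, when the flag is `1` but the provider is anything other than `ovh`, this block forwards no credentials while the resolver config still receives a `dnsChallenge` entry, so the failure only shows at issuance time; failing at template time or documenting the supported values would make that visible earlier.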
|
||||||
|
|
|
@ -66,3 +66,7 @@ certificatesResolvers:
|
||||||
storage: /etc/letsencrypt/production-acme.json
|
storage: /etc/letsencrypt/production-acme.json
|
||||||
httpChallenge:
|
httpChallenge:
|
||||||
entryPoint: web
|
entryPoint: web
|
||||||
|
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||||
|
dnsChallenge:
|
||||||
|
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||||
|
{{ end }}
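Review bot: The `provider:` value is rendered unquoted, so with `LETS_ENCRYPT_DNS_CHALLENGE_ENABLED=1` and the provider variable unset or empty the line becomes a bare `provider:` (YAML null), and the problem only surfaces when Traefik loads the file or attempts issuance. Quote the expansion, `provider: "{{ env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER" }}"`, and extend the `if` guard to also require a non-empty provider. `httpChallenge` stays configured on the same resolver, and which challenge Traefik then uses for non-wildcard names is not evident from this hunk, so a comment stating the intended behaviour would help. Only the resolver storing to `production-acme.json` is visible here; if another resolver is defined above the hunk it does not get the DNS challenge. Indentation is lost in this rendering, so the nesting of `dnsChallenge:` could not be checked.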
|
||||||
|
|