add support for Let's Encrypt DNS-01 challenge (for wildcard domains)
Start with support for the OVH provider, structured so that other providers can be added later: https://doc.traefik.io/traefik/https/acme/#dnschallenge
parent
8ff2f3a294
commit
2c81622d9a
|
@ -8,6 +8,11 @@ LETS_ENCRYPT_EMAIL=certs@example.com
|
|||
# WARN, INFO etc.
|
||||
LOG_LEVEL=WARN
|
||||
|
||||
## Enable dns challenge (for wildcard domains)
|
||||
## https://doc.traefik.io/traefik/https/acme/#dnschallenge
|
||||
#LETS_ENCRYPT_DNS_CHALLENGE_ENABLED=1
|
||||
#LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER=ovh
|
||||
|
||||
## Enable Keycloak
|
||||
#COMPOSE_FILE="compose.yml:compose.keycloak.yml"
|
||||
#KEYCLOAK_MIDDLEWARE_ENABLED=1
|
||||
|
|
|
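Review bot: The sample enables the OVH provider but never names the credentials it depends on, so an operator who uncomments these two lines gets a DNS challenge that cannot authenticate. The compose template in this commit forwards `OVH_ENDPOINT`, `OVH_APPLICATION_KEY`, `OVH_APPLICATION_SECRET` and `OVH_CONSUMER_KEY`; I would list them here as commented, empty placeholders under the provider line. A one-line comment such as `## OVH API credentials: keep the real .env out of version control and readable only by the deploy user` would also make it clear that this file now holds secrets.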
@ -21,6 +21,14 @@ services:
|
|||
environment:
|
||||
- DASHBOARD_ENABLED
|
||||
- LOG_LEVEL
|
||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") "ovh" }}
|
||||
- OVH_APPLICATION_KEY
|
||||
- OVH_APPLICATION_SECRET
|
||||
- OVH_CONSUMER_KEY
|
||||
- OVH_ENDPOINT
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
healthcheck:
|
||||
test: ["CMD", "traefik", "healthcheck"]
|
||||
interval: 30s
|
||||
|
|
|
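Review bot: The four `OVH_*` entries hand long-lived DNS API credentials to the Traefik container as plain environment variables, where they are readable through `docker inspect` and by any process in the container. Traefik's ACME documentation describes `_FILE` counterparts for provider variables that point to a file holding the secret; if that applies to the OVH provider, mounting the values as Docker secrets and passing e.g. `- OVH_APPLICATION_SECRET_FILE=/run/secrets/ovh_application_secret` keeps them out of the container's environment. Independently of how they are delivered, the consumer key should be authorised only for the DNS zone records the challenge needs, not the whole account. The `services:` block continues outside this hunk, so the secrets definitions would live elsewhere in the file.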
@ -66,3 +66,7 @@ certificatesResolvers:
|
|||
storage: /etc/letsencrypt/production-acme.json
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
dnsChallenge:
|
||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||
{{ end }}
|
||||
|
|
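Review bot: `provider:` is rendered from the environment without quoting or validation, while the compose template only forwards credentials when the value is exactly `ovh`. Any other value (or an empty one, which YAML reads as null) produces a resolver whose DNS challenge fails only when a certificate is requested. I would quote the value, `provider: '{{ env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER" }}'`, and emit the `dnsChallenge` block only for providers the compose template knows about. The resolver also keeps `httpChallenge` alongside `dnsChallenge`; it is worth confirming which one Traefik uses when both are set, since wildcard names can only be validated via DNS-01.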