
Add new certificatesresolvers options

Ludovic Fernandez 2025-09-09 17:36:05 +02:00 committed by GitHub
parent 02443545e7
commit a090452807
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 122 additions and 30 deletions


@ -21,6 +21,7 @@ import (
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/challenge/dns01"
"github.com/go-acme/lego/v4/challenge/http01"
"github.com/go-acme/lego/v4/challenge/tlsalpn01"
"github.com/go-acme/lego/v4/lego"
"github.com/go-acme/lego/v4/providers/dns"
"github.com/go-acme/lego/v4/registration"
@ -45,6 +46,7 @@ type Configuration struct {
PreferredChain string `description:"Preferred chain to use." json:"preferredChain,omitempty" toml:"preferredChain,omitempty" yaml:"preferredChain,omitempty" export:"true"`
Profile string `description:"Certificate profile to use." json:"profile,omitempty" toml:"profile,omitempty" yaml:"profile,omitempty" export:"true"`
EmailAddresses []string `description:"CSR email addresses to use." json:"emailAddresses,omitempty" toml:"emailAddresses,omitempty" yaml:"emailAddresses,omitempty"`
DisableCommonName bool `description:"Disable the common name in the CSR." json:"disableCommonName,omitempty" toml:"disableCommonName,omitempty" yaml:"disableCommonName,omitempty" export:"true"`
Storage string `description:"Storage to use." json:"storage,omitempty" toml:"storage,omitempty" yaml:"storage,omitempty" export:"true"`
KeyType string `description:"KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'." json:"keyType,omitempty" toml:"keyType,omitempty" yaml:"keyType,omitempty" export:"true"`
EAB *EAB `description:"External Account Binding to use." json:"eab,omitempty" toml:"eab,omitempty" yaml:"eab,omitempty"`
@ -117,7 +119,9 @@ type HTTPChallenge struct {
}
// TLSChallenge contains TLS challenge configuration.
type TLSChallenge struct{}
type TLSChallenge struct {
Delay ptypes.Duration `description:"Delay between the creation of the challenge and the validation." json:"delay,omitempty" toml:"delay,omitempty" yaml:"delay,omitempty" export:"true"`
}
// Provider holds configurations of the provider.
type Provider struct {
@ -292,6 +296,7 @@ func (p *Provider) getClient() (*lego.Client, error) {
config.CADirURL = caServer
config.Certificate.KeyType = GetKeyType(ctx, p.KeyType)
config.UserAgent = fmt.Sprintf("containous-traefik/%s", version.Version)
config.Certificate.DisableCommonName = p.DisableCommonName
config.HTTPClient, err = p.createHTTPClient()
if err != nil {
@ -371,7 +376,7 @@ func (p *Provider) getClient() (*lego.Client, error) {
if p.TLSChallenge != nil {
logger.Debug().Msg("Using TLS Challenge provider.")
err = client.Challenge.SetTLSALPN01Provider(p.TLSChallengeProvider)
err = client.Challenge.SetTLSALPN01Provider(p.TLSChallengeProvider, tlsalpn01.SetDelay(time.Duration(p.TLSChallenge.Delay)))
if err != nil {
return nil, err
}
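Review bot: The new `tlsalpn01.SetDelay(time.Duration(p.TLSChallenge.Delay))` call in getClient passes the configured delay straight to the ACME client with no bounds check, at least in the lines visible here. A negative value, or one longer than the CA keeps the challenge open, would presumably only show up later as failed or stalled issuance and renewal, which is an availability problem for everything served through this resolver. I would reject bad values before registering the provider, e.g. `if p.TLSChallenge.Delay < 0 { return nil, fmt.Errorf("invalid tlsChallenge delay: %v", p.TLSChallenge.Delay) }`, and have the `Delay` field description on `TLSChallenge` state the unit and that zero means no wait. getClient begins and ends outside this hunk, so the value may already be validated elsewhere.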