homelab/traefik
1
0
Fork 0
Code Activity

Merge branch v2.11 into v3.0

Browse source
This commit is contained in:
mmatur 2024-01-03 16:45:47 +01:00
commit a69c1ba3b7
No known key found for this signature in database
GPG key ID: 2FFE42FC256CFF8E
112 changed files with 1133 additions and 238 deletions
Download patch file Download diff file Expand all files Collapse all files

12
docs/content/user-guides/docker-compose/acme-dns/index.md
View file

@ -3,9 +3,9 @@ title: "Traefik Docker DNS Challenge Documentation"
description: "Learn how to create a certificate with the Let's Encrypt DNS challenge to use HTTPS on a Service exposed with Traefik Proxy. Read the tehnical documentation."
---
# Docker-compose with let's encrypt: DNS Challenge
# Docker-compose with Let's Encrypt: DNS Challenge
This guide aim to demonstrate how to create a certificate with the let's encrypt DNS challenge to use https on a simple service exposed with Traefik.
This guide aim to demonstrate how to create a certificate with the Let's Encrypt DNS challenge to use https on a simple service exposed with Traefik.
Please also read the [basic example](../basic-example) for details on how to expose such a service.
## Prerequisite
@ -52,7 +52,7 @@ For the DNS challenge, you'll need:
!!! Note
If you uncommented the `acme.caserver` line, you will get an SSL error, but if you display the certificate and see it was emitted by `Fake LE Intermediate X1` then it means all is good.
(It is the staging environment intermediate certificate used by let's encrypt).
(It is the staging environment intermediate certificate used by Let's Encrypt).
You can now safely comment the `acme.caserver` line, remove the `letsencrypt/acme.json` file and restart Traefik to issue a valid certificate.
## Explanation
@ -69,7 +69,7 @@ ports:
- "443:443"
```
- We configure the DNS let's encrypt challenge:
- We configure the DNS Let's Encrypt challenge:
```yaml
command:
@ -77,7 +77,7 @@ command:
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
# Tell which provider to use
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=ovh"
# The email to provide to let's encrypt
# The email to provide to Let's Encrypt
- "--certificatesresolvers.myresolver.acme.email=postmaster@example.com"
```
@ -175,7 +175,7 @@ services:
- "ovh_consumer_key"
```
- The environment variable within our `whoami` service are suffixed by `_FILE` which allow us to point to files containing the value, instead of exposing the value itself.
- The environment variable within our `traefik` service are suffixed by `_FILE` which allow us to point to files containing the value, instead of exposing the value itself.
The acme client will read the content of those file to get the required configuration values.
```yaml