homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Certificate resolvers.

Browse source 
Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com>
This commit is contained in:
Ludovic Fernandez 2019-07-19 11:52:04 +02:00 committed by Traefiker Bot
parent e3627e9cba
commit f75f73f3d2
47 changed files with 1573 additions and 1249 deletions
Download patch file Download diff file Expand all files Collapse all files

93
docs/content/reference/static-configuration/cli-ref.md
View file

@ -36,60 +36,6 @@ Keep access logs with status codes in the specified range.
`--accesslog.format`:
Access log format: json | common (Default: ```common```)
`--acme.acmelogging`:
Enable debug logging of ACME actions. (Default: ```false```)
`--acme.caserver`:
CA server to use. (Default: ```https://acme-v02.api.letsencrypt.org/directory```)
`--acme.dnschallenge`:
Activate DNS-01 Challenge. (Default: ```false```)
`--acme.dnschallenge.delaybeforecheck`:
Assume DNS propagates after a delay in seconds rather than finding and querying nameservers. (Default: ```0```)
`--acme.dnschallenge.disablepropagationcheck`:
Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended] (Default: ```false```)
`--acme.dnschallenge.provider`:
Use a DNS-01 based challenge provider rather than HTTPS.
`--acme.dnschallenge.resolvers`:
Use following DNS servers to resolve the FQDN authority.
`--acme.domains`:
The list of domains for which certificates are generated on startup. Wildcard domains only accepted with DNSChallenge.
`--acme.domains[n].main`:
Default subject name.
`--acme.domains[n].sans`:
Subject alternative names.
`--acme.email`:
Email address used for registration.
`--acme.entrypoint`:
EntryPoint to use.
`--acme.httpchallenge`:
Activate HTTP-01 Challenge. (Default: ```false```)
`--acme.httpchallenge.entrypoint`:
HTTP challenge EntryPoint
`--acme.keytype`:
KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'. (Default: ```RSA4096```)
`--acme.onhostrule`:
Enable certificate generation on router Host rules. (Default: ```false```)
`--acme.storage`:
Storage to use. (Default: ```acme.json```)
`--acme.tlschallenge`:
Activate TLS-ALPN-01 Challenge. (Default: ```true```)
`--api`:
Enable api/dashboard. (Default: ```false```)
@ -111,6 +57,45 @@ Enable more detailed statistics. (Default: ```false```)
`--api.statistics.recenterrors`:
Number of recent errors logged. (Default: ```10```)
`--certificatesresolvers.<name>`:
Certificates resolvers configuration. (Default: ```false```)
`--certificatesresolvers.<name>.acme.caserver`:
CA server to use. (Default: ```https://acme-v02.api.letsencrypt.org/directory```)
`--certificatesresolvers.<name>.acme.dnschallenge`:
Activate DNS-01 Challenge. (Default: ```false```)
`--certificatesresolvers.<name>.acme.dnschallenge.delaybeforecheck`:
Assume DNS propagates after a delay in seconds rather than finding and querying nameservers. (Default: ```0```)
`--certificatesresolvers.<name>.acme.dnschallenge.disablepropagationcheck`:
Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended] (Default: ```false```)
`--certificatesresolvers.<name>.acme.dnschallenge.provider`:
Use a DNS-01 based challenge provider rather than HTTPS.
`--certificatesresolvers.<name>.acme.dnschallenge.resolvers`:
Use following DNS servers to resolve the FQDN authority.
`--certificatesresolvers.<name>.acme.email`:
Email address used for registration.
`--certificatesresolvers.<name>.acme.httpchallenge`:
Activate HTTP-01 Challenge. (Default: ```false```)
`--certificatesresolvers.<name>.acme.httpchallenge.entrypoint`:
HTTP challenge EntryPoint
`--certificatesresolvers.<name>.acme.keytype`:
KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'. (Default: ```RSA4096```)
`--certificatesresolvers.<name>.acme.storage`:
Storage to use. (Default: ```acme.json```)
`--certificatesresolvers.<name>.acme.tlschallenge`:
Activate TLS-ALPN-01 Challenge. (Default: ```true```)
`--entrypoints.<name>`:
Entry points definition. (Default: ```false```)

93
docs/content/reference/static-configuration/env-ref.md
View file

@ -36,60 +36,6 @@ Keep access logs with status codes in the specified range.
`TRAEFIK_ACCESSLOG_FORMAT`:
Access log format: json | common (Default: ```common```)
`TRAEFIK_ACME_ACMELOGGING`:
Enable debug logging of ACME actions. (Default: ```false```)
`TRAEFIK_ACME_CASERVER`:
CA server to use. (Default: ```https://acme-v02.api.letsencrypt.org/directory```)
`TRAEFIK_ACME_DNSCHALLENGE`:
Activate DNS-01 Challenge. (Default: ```false```)
`TRAEFIK_ACME_DNSCHALLENGE_DELAYBEFORECHECK`:
Assume DNS propagates after a delay in seconds rather than finding and querying nameservers. (Default: ```0```)
`TRAEFIK_ACME_DNSCHALLENGE_DISABLEPROPAGATIONCHECK`:
Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended] (Default: ```false```)
`TRAEFIK_ACME_DNSCHALLENGE_PROVIDER`:
Use a DNS-01 based challenge provider rather than HTTPS.
`TRAEFIK_ACME_DNSCHALLENGE_RESOLVERS`:
Use following DNS servers to resolve the FQDN authority.
`TRAEFIK_ACME_DOMAINS`:
The list of domains for which certificates are generated on startup. Wildcard domains only accepted with DNSChallenge.
`TRAEFIK_ACME_DOMAINS[n]_MAIN`:
Default subject name.
`TRAEFIK_ACME_DOMAINS[n]_SANS`:
Subject alternative names.
`TRAEFIK_ACME_EMAIL`:
Email address used for registration.
`TRAEFIK_ACME_ENTRYPOINT`:
EntryPoint to use.
`TRAEFIK_ACME_HTTPCHALLENGE`:
Activate HTTP-01 Challenge. (Default: ```false```)
`TRAEFIK_ACME_HTTPCHALLENGE_ENTRYPOINT`:
HTTP challenge EntryPoint
`TRAEFIK_ACME_KEYTYPE`:
KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'. (Default: ```RSA4096```)
`TRAEFIK_ACME_ONHOSTRULE`:
Enable certificate generation on router Host rules. (Default: ```false```)
`TRAEFIK_ACME_STORAGE`:
Storage to use. (Default: ```acme.json```)
`TRAEFIK_ACME_TLSCHALLENGE`:
Activate TLS-ALPN-01 Challenge. (Default: ```true```)
`TRAEFIK_API`:
Enable api/dashboard. (Default: ```false```)
@ -111,6 +57,45 @@ Enable more detailed statistics. (Default: ```false```)
`TRAEFIK_API_STATISTICS_RECENTERRORS`:
Number of recent errors logged. (Default: ```10```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>`:
Certificates resolvers configuration. (Default: ```false```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_CASERVER`:
CA server to use. (Default: ```https://acme-v02.api.letsencrypt.org/directory```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_DNSCHALLENGE`:
Activate DNS-01 Challenge. (Default: ```false```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_DNSCHALLENGE_DELAYBEFORECHECK`:
Assume DNS propagates after a delay in seconds rather than finding and querying nameservers. (Default: ```0```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_DNSCHALLENGE_DISABLEPROPAGATIONCHECK`:
Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended] (Default: ```false```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_DNSCHALLENGE_PROVIDER`:
Use a DNS-01 based challenge provider rather than HTTPS.
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_DNSCHALLENGE_RESOLVERS`:
Use following DNS servers to resolve the FQDN authority.
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_EMAIL`:
Email address used for registration.
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_HTTPCHALLENGE`:
Activate HTTP-01 Challenge. (Default: ```false```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_HTTPCHALLENGE_ENTRYPOINT`:
HTTP challenge EntryPoint
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_KEYTYPE`:
KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'. (Default: ```RSA4096```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_STORAGE`:
Storage to use. (Default: ```acme.json```)
`TRAEFIK_CERTIFICATESRESOLVERS_<NAME>_ACME_TLSCHALLENGE`:
Activate TLS-ALPN-01 Challenge. (Default: ```true```)
`TRAEFIK_ENTRYPOINTS_<NAME>`:
Entry points definition. (Default: ```false```)

2
docs/content/reference/static-configuration/file.toml
View file

@ -221,12 +221,10 @@
[acme]
email = "foobar"
acmeLogging = true
caServer = "foobar"
storage = "foobar"
entryPoint = "foobar"
keyType = "foobar"
onHostRule = true
[acme.dnsChallenge]
provider = "foobar"
delayBeforeCheck = 42

2
docs/content/reference/static-configuration/file.yaml
View file

@ -230,12 +230,10 @@ hostResolver:
resolvDepth: 42
acme:
email: foobar
acmeLogging: true
caServer: foobar
storage: foobar
entryPoint: foobar
keyType: foobar
onHostRule: true
dnsChallenge:
provider: foobar
delayBeforeCheck: 42