acme

package
v1.6.0-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 27, 2018 License: MIT Imports: 29 Imported by: 0

Documentation


Constants

const (
	// RegistrationURLPathV1Regexp is a regular expression that matches ACME
	// registration URLs in the V1 format: any prefix followed by "/acme/reg/"
	// and a run of digits ending the string.
	RegistrationURLPathV1Regexp string = `^.*/acme/reg/\d+$`
)

Variables

var (
	// OSCPMustStaple toggles the OCSP stapling behaviour discussed in
	// https://github.com/xenolf/lego/issues/270 (the identifier keeps the
	// original "OSCP" spelling). It is disabled (false) by default.
	// NOTE(review): presumably this requests the OCSP Must-Staple extension on
	// issued certificates; confirm at the call site, which is not shown here.
	OSCPMustStaple = false
)

Functions

func IsEnabled

func IsEnabled() bool

IsEnabled returns true if the provider instance and its configuration are not nil, otherwise false

Types

type Account

type Account struct {
	// Email is the e-mail address of the account.
	Email        string
	// Registration is the ACME registration resource for this account.
	Registration *acme.RegistrationResource
	// PrivateKey holds the account private key as bytes (the encoding is not
	// visible here). Account is part of StoredData, so this key is persisted
	// through the Store; that backend should be readable only by the process
	// that needs it.
	PrivateKey   []byte
}

Account is used to store Let's Encrypt registration info

func NewAccount

func NewAccount(email string) (*Account, error)

NewAccount creates an account

func (*Account) GetEmail

func (a *Account) GetEmail() string

GetEmail returns email

func (*Account) GetPrivateKey

func (a *Account) GetPrivateKey() crypto.PrivateKey

GetPrivateKey returns private key

func (*Account) GetRegistration

func (a *Account) GetRegistration() *acme.RegistrationResource

GetRegistration returns the Let's Encrypt registration resource

type Certificate

type Certificate struct {
	// Domain identifies the domain the certificate belongs to.
	Domain      types.Domain
	// Certificate is the certificate data as bytes (encoding not shown here).
	Certificate []byte
	// Key is, presumably, the private key matching Certificate (confirm
	// against the code that fills it). It is persisted with StoredData, so
	// treat the storage backend as holding secret key material.
	Key         []byte
}

Certificate is a struct which contains all data needed from an ACME certificate

type Configuration

type Configuration struct {
	Email       string `description:"Email address used for registration"`
	ACMELogging bool   `description:"Enable debug logging of ACME actions."`
	CAServer    string `description:"CA server to use."`
	// Storage selects where ACME data is persisted. StoredData includes
	// Account.PrivateKey and Certificate.Key, so whatever this points at
	// holds key material and should be access-restricted.
	Storage     string `description:"Storage to use."`
	EntryPoint  string `description:"EntryPoint to use."`
	OnHostRule  bool   `description:"Enable certificate generation on frontends Host rules."`
	// OnDemand is deprecated; its description tag is not displayed on this
	// page. Provider.ListenRequest documents the onDemand option as resolving
	// a certificate for a domain taken from an incoming request.
	// NOTE(review): issuance driven by names supplied by clients can be slow
	// and can exhaust CA rate limits; confirm the rationale in the hidden tag.
	OnDemand    bool   `` //deprecated
	/* 189-byte string literal not displayed */
	// DNSChallenge and HTTPChallenge are pointers; per their tags, setting
	// one activates the corresponding challenge type.
	DNSChallenge  *DNSChallenge  `description:"Activate DNS-01 Challenge"`
	HTTPChallenge *HTTPChallenge `description:"Activate HTTP-01 Challenge"`
	Domains       []types.Domain `` /* 233-byte string literal not displayed */
}

Configuration holds ACME configuration provided by users

type DNSChallenge

type DNSChallenge struct {
	// Provider names the DNS-01 challenge provider to use.
	Provider         string         `description:"Use a DNS-01 based challenge provider rather than HTTPS."`
	// DelayBeforeCheck is a fixed delay (described as seconds) after which DNS
	// propagation is assumed, instead of finding and querying the nameservers.
	DelayBeforeCheck flaeg.Duration `description:"Assume DNS propagates after a delay in seconds rather than finding and querying nameservers."`
}

DNSChallenge contains DNS challenge Configuration

type HTTPChallenge

type HTTPChallenge struct {
	// EntryPoint names the entry point used for the HTTP challenge.
	// NOTE(review): presumably this entry point must be reachable by the CA
	// for validation to succeed; confirm against the provider code.
	EntryPoint string `description:"HTTP challenge EntryPoint"`
}

HTTPChallenge contains HTTP challenge Configuration

type LocalStore

type LocalStore struct {
	// SaveDataChan carries *StoredData values.
	// NOTE(review): presumably these are snapshots queued for writing to the
	// backing file; the consumer is not visible on this page.
	SaveDataChan chan *StoredData
	// contains filtered or unexported fields
}

LocalStore is a Store implementation backed by a local file

func NewLocalStore

func NewLocalStore(filename string) LocalStore

NewLocalStore initializes a new LocalStore with a file name

func (*LocalStore) GetAccount

func (s *LocalStore) GetAccount() (*Account, error)

GetAccount returns ACME Account

func (*LocalStore) GetCertificates

func (s *LocalStore) GetCertificates() ([]*Certificate, error)

GetCertificates returns ACME Certificates list

func (*LocalStore) GetHTTPChallenges

func (s *LocalStore) GetHTTPChallenges() (map[string]map[string][]byte, error)

GetHTTPChallenges returns ACME HTTP Challenges list

func (*LocalStore) SaveAccount

func (s *LocalStore) SaveAccount(account *Account) error

SaveAccount stores ACME Account

func (*LocalStore) SaveCertificates

func (s *LocalStore) SaveCertificates(certificates []*Certificate) error

SaveCertificates stores ACME Certificates list

func (*LocalStore) SaveHTTPChallenges

func (s *LocalStore) SaveHTTPChallenges(httpChallenges map[string]map[string][]byte) error

SaveHTTPChallenges stores ACME HTTP Challenges list

type Provider

type Provider struct {
	// Configuration is embedded, so the user-supplied ACME settings are
	// promoted onto Provider.
	*Configuration
	// Store is the storage backend for the account, certificates and HTTP
	// challenges (see the Store interface).
	Store Store
	// contains filtered or unexported fields
}

Provider holds configurations of the provider.

func Get

func Get() *Provider

Get returns the provider instance

func (*Provider) AddRoutes

func (p *Provider) AddRoutes(router *mux.Router)

AddRoutes adds routes on the internal router

func (*Provider) CleanUp

func (p *Provider) CleanUp(domain, token, keyAuth string) error

CleanUp cleans the challenges when certificate is obtained

func (*Provider) ListenConfiguration

func (p *Provider) ListenConfiguration(config types.Configuration)

ListenConfiguration sets a new Configuration into the configFromListenerChan

func (*Provider) ListenRequest

func (p *Provider) ListenRequest(domain string) (*tls.Certificate, error)

ListenRequest resolves new certificates for a domain from an incoming request and returns a valid Certificate to serve (onDemand option)

func (*Provider) Present

func (p *Provider) Present(domain, token, keyAuth string) error

Present presents a challenge to obtain new ACME certificate

func (*Provider) Provide

func (p *Provider) Provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool, constraints types.Constraints) error

Provide allows the file provider to provide configurations to traefik using the given Configuration channel.

func (*Provider) SetConfigListenerChan

func (p *Provider) SetConfigListenerChan(configFromListenerChan chan types.Configuration)

SetConfigListenerChan initializes the configFromListenerChan

func (*Provider) SetDynamicCertificates

func (p *Provider) SetDynamicCertificates(safe *safe.Safe)

SetDynamicCertificates initializes the dynamicCerts map

func (*Provider) SetStaticCertificates

func (p *Provider) SetStaticCertificates(staticCerts map[string]*tls.Certificate)

SetStaticCertificates initializes the staticCerts map

func (*Provider) Timeout

func (p *Provider) Timeout() (timeout, interval time.Duration)

Timeout calculates the maximum time allowed to resolve an ACME challenge

type Store

type Store interface {
	// GetAccount and SaveAccount load and persist the ACME account. Account
	// includes a PrivateKey field, so implementations handle key material.
	GetAccount() (*Account, error)
	SaveAccount(*Account) error
	// GetCertificates and SaveCertificates load and persist the certificate
	// list. Each Certificate carries a Key field alongside the certificate.
	GetCertificates() ([]*Certificate, error)
	SaveCertificates([]*Certificate) error
	// GetHTTPChallenges and SaveHTTPChallenges load and persist the HTTP
	// challenge data as a two-level map of byte slices.
	// NOTE(review): the meaning of the two string keys is not shown here.
	GetHTTPChallenges() (map[string]map[string][]byte, error)
	SaveHTTPChallenges(map[string]map[string][]byte) error
}

Store is a generic interface that represents a storage backend

type StoredData

type StoredData struct {
	// Account is the ACME account, including its PrivateKey field.
	Account        *Account
	// Certificates is the list of stored certificates; each entry has a Key
	// field next to the certificate bytes.
	Certificates   []*Certificate
	// HTTPChallenges holds pending HTTP challenge data.
	// NOTE(review): presumably keyed by token and domain, as in
	// Provider.Present(domain, token, keyAuth); confirm the key order.
	HTTPChallenges map[string]map[string][]byte
}

StoredData represents the data managed by the Store
