Documentation ¶
Index ¶
- Constants
- Variables
- func CheckFile(name string) (bool, error)
- func GetKeyType(value string) acme.KeyType
- func SetPropagationCheck(disable bool)
- func SetRecursiveNameServers(dnsResolvers []string)
- type Account
- type Certificate
- type Configuration
- type DNSChallenge
- type HTTPChallenge
- type LocalStore
- func (s *LocalStore) AddTLSChallenge(domain string, cert *Certificate) error
- func (s *LocalStore) GetAccount() (*Account, error)
- func (s *LocalStore) GetCertificates() ([]*Certificate, error)
- func (s *LocalStore) GetHTTPChallengeToken(token, domain string) ([]byte, error)
- func (s *LocalStore) GetTLSChallenge(domain string) (*Certificate, error)
- func (s *LocalStore) RemoveHTTPChallengeToken(token, domain string) error
- func (s *LocalStore) RemoveTLSChallenge(domain string) error
- func (s *LocalStore) SaveAccount(account *Account) error
- func (s *LocalStore) SaveCertificates(certificates []*Certificate) error
- func (s *LocalStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
- type Provider
- func (p *Provider) AddRoutes(router *mux.Router)
- func (p *Provider) GetTLSALPNCertificate(domain string) (*tls.Certificate, error)
- func (p *Provider) Init(_ types.Constraints) error
- func (p *Provider) ListenConfiguration(config types.Configuration)
- func (p *Provider) ListenRequest(domain string) (*tls.Certificate, error)
- func (p *Provider) Provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool) error
- func (p *Provider) SetCertificateStore(certificateStore *traefiktls.CertificateStore)
- func (p *Provider) SetConfigListenerChan(configFromListenerChan chan types.Configuration)
- type Store
- type StoredData
- type TLSChallenge
Constants ¶
// RegistrationURLPathV1Regexp is the regular expression that an ACME
// registration URL in the V1 format matches: any prefix, followed by
// "/acme/reg/" and a run of digits at the very end of the string.
//
// The leading ".*" means the pattern constrains only the tail of the URL.
// A match therefore says nothing about the scheme or host the URL points at,
// so it must not be used on its own to decide whether a URL belongs to a
// trusted CA.
const RegistrationURLPathV1Regexp = `^.*/acme/reg/\d+$`
Variables ¶
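var (
	// OSCPMustStaple enables OCSP stapling as described in
	// https://github.com/xenolf/lego/issues/270. It defaults to false.
	//
	// The identifier is spelled "OSCP"; the protocol it refers to is OCSP
	// (Online Certificate Status Protocol). The exported name is kept as is.
	//
	// NOTE(review): presumably this requests the must-staple extension on
	// issued certificates. If so, clients that enforce the extension reject
	// the certificate whenever the server fails to staple a fresh OCSP
	// response, so confirm the serving side staples reliably before
	// enabling it.
	OSCPMustStaple = false
)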
Functions ¶
func GetKeyType ¶ added in v1.7.0
GetKeyType is used to determine which key algorithm to use.
func SetPropagationCheck ¶ added in v1.7.4
func SetPropagationCheck(disable bool)
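SetPropagationCheck is used to disable the Lego PreCheck. The corresponding DNSChallenge option, DisablePropagationCheck, is described as not recommended: with the check disabled, ACME is notified that the DNS challenge is ready without first confirming that the record has propagated.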
func SetRecursiveNameServers ¶ added in v1.7.4
func SetRecursiveNameServers(dnsResolvers []string)
SetRecursiveNameServers is used to provide custom DNS resolvers.
Types ¶
type Account ¶
// Account groups the e-mail address, registration resource and key material
// of an ACME account.
type Account struct {
	Email        string
	Registration *acme.RegistrationResource
	// PrivateKey holds the account's private key as raw bytes (the encoding
	// is not shown on this page). StoredData carries an *Account, so any
	// Store that persists StoredData also persists this key; keep that
	// storage readable only by the process that needs it.
	PrivateKey []byte
	KeyType    acme.KeyType
}
Account is used to store Let's Encrypt registration info.
func NewAccount ¶
NewAccount creates an account
func (*Account) GetPrivateKey ¶
func (a *Account) GetPrivateKey() crypto.PrivateKey
GetPrivateKey returns the account's private key.
func (*Account) GetRegistration ¶
func (a *Account) GetRegistration() *acme.RegistrationResource
GetRegistration returns the Let's Encrypt registration resource.
type Certificate ¶
Certificate is a struct which contains all data needed from an ACME certificate
type Configuration ¶
// Configuration is the user-provided ACME settings block. Each of the three
// *Challenge pointer fields is described by its tag as activating one
// challenge type (DNS-01, HTTP-01, TLS-ALPN-01).
//
// Where a tag reads `` followed by "string literal not displayed", the
// documentation renderer elided the literal; the full description is only
// in the source file.
type Configuration struct {
	Email       string `description:"Email address used for registration"`
	ACMELogging bool   `description:"Enable debug logging of ACME actions."`
	CAServer    string `description:"CA server to use."`
	// NOTE(review): presumably the location where account and certificate
	// data is persisted (see Store and LocalStore). Account carries a
	// PrivateKey, so that location holds key material; confirm and
	// restrict access to it.
	Storage    string `description:"Storage to use."`
	EntryPoint string `description:"EntryPoint to use."`
	KeyType    string `` /* 150-byte string literal not displayed */
	OnHostRule bool   `description:"Enable certificate generation on frontends Host rules."`
	// OnDemand is marked Deprecated. ListenRequest documents the on-demand
	// path as resolving certificates from an incoming request, so with this
	// option the set of hostnames for which issuance is attempted is driven
	// by what clients ask for rather than by configuration.
	OnDemand      bool           `` // Deprecated /* 189-byte string literal not displayed */
	DNSChallenge  *DNSChallenge  `description:"Activate DNS-01 Challenge"`
	HTTPChallenge *HTTPChallenge `description:"Activate HTTP-01 Challenge"`
	TLSChallenge  *TLSChallenge  `description:"Activate TLS-ALPN-01 Challenge"`
	Domains       []types.Domain `` /* 233-byte string literal not displayed */
}
Configuration holds ACME configuration provided by users
type DNSChallenge ¶
// DNSChallenge carries the settings for the DNS-01 challenge.
type DNSChallenge struct {
	Provider string `description:"Use a DNS-01 based challenge provider rather than HTTPS."`
	// DelayBeforeCheck replaces nameserver lookups with a fixed wait, per
	// its description; the wait has to be long enough for the record to
	// become visible.
	DelayBeforeCheck flaeg.Duration `description:"Assume DNS propagates after a delay in seconds rather than finding and querying nameservers."`
	// Resolvers lists the DNS servers used to resolve the FQDN authority.
	// NOTE(review): the answers from these servers feed the challenge
	// checks, so they should be resolvers the operator trusts.
	Resolvers types.DNSResolvers `description:"Use following DNS servers to resolve the FQDN authority."`
	// DisablePropagationCheck is flagged "not recommended" by its own
	// description: with it set, ACME is told the challenge is ready without
	// a prior check that the DNS record has propagated.
	DisablePropagationCheck bool `description:"Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended]"`
	// contains filtered or unexported fields
}
DNSChallenge contains DNS challenge Configuration
type HTTPChallenge ¶
// HTTPChallenge carries the settings for the HTTP-01 challenge.
type HTTPChallenge struct {
	// EntryPoint names the entry point used for the HTTP challenge, per
	// its description tag.
	EntryPoint string `description:"HTTP challenge EntryPoint"`
}
HTTPChallenge contains HTTP challenge Configuration
type LocalStore ¶
// LocalStore is the Store implementation documented as backed by a local
// file (see NewLocalStore, which takes the file name).
type LocalStore struct {
	// SaveDataChan carries *StoredData values. The json:"-" tag keeps the
	// channel itself out of any JSON encoding of the struct.
	SaveDataChan chan *StoredData `json:"-"`
	// contains filtered or unexported fields
}
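LocalStore is the Store implementation for a local file. The Store interface it implements saves the Account, whose PrivateKey field holds key material, so the file should be readable only by the user the proxy runs as.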
func NewLocalStore ¶
func NewLocalStore(filename string) *LocalStore
NewLocalStore initializes a new LocalStore with a file name
func (*LocalStore) AddTLSChallenge ¶ added in v1.7.0
func (s *LocalStore) AddTLSChallenge(domain string, cert *Certificate) error
AddTLSChallenge adds a certificate to the ACME TLS-ALPN-01 certificates storage.
func (*LocalStore) GetAccount ¶
func (s *LocalStore) GetAccount() (*Account, error)
GetAccount returns ACME Account
func (*LocalStore) GetCertificates ¶
func (s *LocalStore) GetCertificates() ([]*Certificate, error)
GetCertificates returns ACME Certificates list
func (*LocalStore) GetHTTPChallengeToken ¶ added in v1.6.5
func (s *LocalStore) GetHTTPChallengeToken(token, domain string) ([]byte, error)
GetHTTPChallengeToken gets the HTTP challenge token from the store.
func (*LocalStore) GetTLSChallenge ¶ added in v1.7.0
func (s *LocalStore) GetTLSChallenge(domain string) (*Certificate, error)
GetTLSChallenge gets a certificate from the ACME TLS-ALPN-01 certificates storage.
func (*LocalStore) RemoveHTTPChallengeToken ¶ added in v1.6.5
func (s *LocalStore) RemoveHTTPChallengeToken(token, domain string) error
RemoveHTTPChallengeToken removes the HTTP challenge token from the store.
func (*LocalStore) RemoveTLSChallenge ¶ added in v1.7.0
func (s *LocalStore) RemoveTLSChallenge(domain string) error
RemoveTLSChallenge removes a certificate from the ACME TLS-ALPN-01 certificates storage.
func (*LocalStore) SaveAccount ¶
func (s *LocalStore) SaveAccount(account *Account) error
SaveAccount stores ACME Account
func (*LocalStore) SaveCertificates ¶
func (s *LocalStore) SaveCertificates(certificates []*Certificate) error
SaveCertificates stores ACME Certificates list
func (*LocalStore) SetHTTPChallengeToken ¶ added in v1.6.5
func (s *LocalStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
SetHTTPChallengeToken sets the HTTP challenge token in the store.
type Provider ¶
// Provider is the ACME provider. It embeds *Configuration, so the
// configuration fields are promoted onto Provider, and it holds the Store
// through which account, certificate and challenge data is read and written.
type Provider struct {
	*Configuration
	Store Store
	// contains filtered or unexported fields
}
Provider holds configurations of the provider.
func (*Provider) GetTLSALPNCertificate ¶ added in v1.7.0
func (p *Provider) GetTLSALPNCertificate(domain string) (*tls.Certificate, error)
GetTLSALPNCertificate gets the temporary certificate for the ACME TLS-ALPN-01 challenge.
func (*Provider) Init ¶ added in v1.7.0
func (p *Provider) Init(_ types.Constraints) error
Init: for compatibility reasons, the BaseProvider implements an empty Init.
func (*Provider) ListenConfiguration ¶
func (p *Provider) ListenConfiguration(config types.Configuration)
ListenConfiguration sets a new Configuration into the configFromListenerChan
func (*Provider) ListenRequest ¶
func (p *Provider) ListenRequest(domain string) (*tls.Certificate, error)
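ListenRequest resolves new certificates for a domain from an incoming request and returns a valid Certificate to serve (onDemand option). Configuration.OnDemand is marked Deprecated; because issuance on this path is triggered by incoming requests, hostnames chosen by clients can consume the CA's rate limits.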
func (*Provider) Provide ¶
Provide allows the file provider to provide configurations to traefik using the given Configuration channel.
func (*Provider) SetCertificateStore ¶ added in v1.7.0
func (p *Provider) SetCertificateStore(certificateStore *traefiktls.CertificateStore)
SetCertificateStore initializes the certificate store.
func (*Provider) SetConfigListenerChan ¶
func (p *Provider) SetConfigListenerChan(configFromListenerChan chan types.Configuration)
SetConfigListenerChan initializes the configFromListenerChan
type Store ¶
// Store is the storage abstraction used by the provider. Its methods fall
// into four groups: the ACME account, the certificate list, HTTP challenge
// tokens and TLS-ALPN-01 challenge certificates.
type Store interface {
	// Account access. Account includes a PrivateKey field, so an
	// implementation of these two methods handles key material.
	GetAccount() (*Account, error)
	SaveAccount(*Account) error

	// Certificate list access.
	GetCertificates() ([]*Certificate, error)
	SaveCertificates([]*Certificate) error

	// HTTP challenge tokens, addressed by token and domain; keyAuth is the
	// value stored for that pair.
	GetHTTPChallengeToken(token, domain string) ([]byte, error)
	SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
	RemoveHTTPChallengeToken(token, domain string) error

	// TLS-ALPN-01 challenge certificates, addressed by domain.
	AddTLSChallenge(domain string, cert *Certificate) error
	GetTLSChallenge(domain string) (*Certificate, error)
	RemoveTLSChallenge(domain string) error
}
Store is a generic interface that represents a storage.
type StoredData ¶
// StoredData is the aggregate handled by a Store: the account, the issued
// certificates and the pending challenge data. Because it includes the
// Account (and with it Account.PrivateKey), a serialized StoredData must be
// treated as secret.
type StoredData struct {
	Account      *Account
	Certificates []*Certificate
	// HTTPChallenges is a two-level map ending in a byte slice.
	// NOTE(review): the Store methods address tokens by (token, domain);
	// which of the two is the outer key is not visible here, so verify
	// against the implementation.
	HTTPChallenges map[string]map[string][]byte
	// TLSChallenges maps a string key to a challenge certificate.
	// NOTE(review): presumably keyed by domain, as the TLS challenge
	// methods on Store take a domain; confirm.
	TLSChallenges map[string]*Certificate
}
StoredData represents the data managed by the Store
type TLSChallenge ¶ added in v1.7.0
// TLSChallenge has no fields of its own. Configuration.TLSChallenge is a
// pointer to this type, described there as activating the TLS-ALPN-01
// challenge.
type TLSChallenge struct{}
TLSChallenge contains TLS challenge Configuration