Documentation ¶
Index ¶
- Constants
- func CheckFile(name string) (bool, error)
- func GetKeyType(ctx context.Context, value string) certcrypto.KeyType
- type Account
- type Certificate
- type Configuration
- type DNSChallenge
- type HTTPChallenge
- type LocalStore
- func (s *LocalStore) AddTLSChallenge(domain string, cert *Certificate) error
- func (s *LocalStore) GetAccount() (*Account, error)
- func (s *LocalStore) GetCertificates() ([]*Certificate, error)
- func (s *LocalStore) GetHTTPChallengeToken(token, domain string) ([]byte, error)
- func (s *LocalStore) GetTLSChallenge(domain string) (*Certificate, error)
- func (s *LocalStore) RemoveHTTPChallengeToken(token, domain string) error
- func (s *LocalStore) RemoveTLSChallenge(domain string) error
- func (s *LocalStore) SaveAccount(account *Account) error
- func (s *LocalStore) SaveCertificates(certificates []*Certificate) error
- func (s *LocalStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
- type Provider
- func (p *Provider) Append(router *mux.Router)
- func (p *Provider) GetTLSALPNCertificate(domain string) (*tls.Certificate, error)
- func (p *Provider) Init() error
- func (p *Provider) ListenConfiguration(config config.Configuration)
- func (p *Provider) ListenRequest(domain string) (*tls.Certificate, error)
- func (p *Provider) Provide(configurationChan chan<- config.Message, pool *safe.Pool) error
- func (p *Provider) SetConfigListenerChan(configFromListenerChan chan config.Configuration)
- func (p *Provider) SetTLSManager(tlsManager *traefiktls.Manager)
- type Store
- type StoredData
- type TLSChallenge
Constants ¶
const (
// RegistrationURLPathV1Regexp is a regexp which match ACME registration URL in the V1 format
RegistrationURLPathV1Regexp = `^.*/acme/reg/\d+$`
)
Variables ¶
This section is empty.
Functions ¶
func GetKeyType ¶
func GetKeyType(ctx context.Context, value string) certcrypto.KeyType
GetKeyType used to determine which algo to used
Types ¶
type Account ¶
type Account struct { Email string Registration *registration.Resource PrivateKey []byte KeyType certcrypto.KeyType }
Account is used to store lets encrypt registration info
func NewAccount ¶
NewAccount creates an account
func (*Account) GetPrivateKey ¶
func (a *Account) GetPrivateKey() crypto.PrivateKey
GetPrivateKey returns private key
func (*Account) GetRegistration ¶
func (a *Account) GetRegistration() *registration.Resource
GetRegistration returns lets encrypt registration resource
type Certificate ¶
Certificate is a struct which contains all data needed from an ACME certificate
type Configuration ¶
type Configuration struct { Email string `description:"Email address used for registration."` ACMELogging bool `description:"Enable debug logging of ACME actions."` CAServer string `description:"CA server to use."` Storage string `description:"Storage to use."` EntryPoint string `description:"EntryPoint to use."` KeyType string `` /* 129-byte string literal not displayed */ OnHostRule bool `description:"Enable certificate generation on router Host rules."` DNSChallenge *DNSChallenge `description:"Activate DNS-01 Challenge." label:"allowEmpty"` HTTPChallenge *HTTPChallenge `description:"Activate HTTP-01 Challenge." label:"allowEmpty"` TLSChallenge *TLSChallenge `description:"Activate TLS-ALPN-01 Challenge." label:"allowEmpty"` Domains []types.Domain `` /* 132-byte string literal not displayed */ }
Configuration holds ACME configuration provided by users
func (*Configuration) SetDefaults ¶
func (a *Configuration) SetDefaults()
SetDefaults sets the default values.
type DNSChallenge ¶
type DNSChallenge struct { Provider string `description:"Use a DNS-01 based challenge provider rather than HTTPS."` DelayBeforeCheck types.Duration `description:"Assume DNS propagates after a delay in seconds rather than finding and querying nameservers."` Resolvers []string `description:"Use following DNS servers to resolve the FQDN authority."` DisablePropagationCheck bool `description:"Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended]"` }
DNSChallenge contains DNS challenge Configuration
type HTTPChallenge ¶
type HTTPChallenge struct {
EntryPoint string `description:"HTTP challenge EntryPoint"`
}
HTTPChallenge contains HTTP challenge Configuration
type LocalStore ¶
type LocalStore struct { SaveDataChan chan *StoredData `json:"-"` // contains filtered or unexported fields }
LocalStore Stores implementation for local file
func NewLocalStore ¶
func NewLocalStore(filename string) *LocalStore
NewLocalStore initializes a new LocalStore with a file name
func (*LocalStore) AddTLSChallenge ¶
func (s *LocalStore) AddTLSChallenge(domain string, cert *Certificate) error
AddTLSChallenge Add a certificate to the ACME TLS-ALPN-01 certificates storage
func (*LocalStore) GetAccount ¶
func (s *LocalStore) GetAccount() (*Account, error)
GetAccount returns ACME Account
func (*LocalStore) GetCertificates ¶
func (s *LocalStore) GetCertificates() ([]*Certificate, error)
GetCertificates returns ACME Certificates list
func (*LocalStore) GetHTTPChallengeToken ¶
func (s *LocalStore) GetHTTPChallengeToken(token, domain string) ([]byte, error)
GetHTTPChallengeToken Get the http challenge token from the store
func (*LocalStore) GetTLSChallenge ¶
func (s *LocalStore) GetTLSChallenge(domain string) (*Certificate, error)
GetTLSChallenge Get a certificate from the ACME TLS-ALPN-01 certificates storage
func (*LocalStore) RemoveHTTPChallengeToken ¶
func (s *LocalStore) RemoveHTTPChallengeToken(token, domain string) error
RemoveHTTPChallengeToken Remove the http challenge token in the store
func (*LocalStore) RemoveTLSChallenge ¶
func (s *LocalStore) RemoveTLSChallenge(domain string) error
RemoveTLSChallenge Remove a certificate from the ACME TLS-ALPN-01 certificates storage
func (*LocalStore) SaveAccount ¶
func (s *LocalStore) SaveAccount(account *Account) error
SaveAccount stores ACME Account
func (*LocalStore) SaveCertificates ¶
func (s *LocalStore) SaveCertificates(certificates []*Certificate) error
SaveCertificates stores ACME Certificates list
func (*LocalStore) SetHTTPChallengeToken ¶
func (s *LocalStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
SetHTTPChallengeToken Set the http challenge token in the store
type Provider ¶
type Provider struct { *Configuration Store Store // contains filtered or unexported fields }
Provider holds configurations of the provider.
func (*Provider) GetTLSALPNCertificate ¶
func (p *Provider) GetTLSALPNCertificate(domain string) (*tls.Certificate, error)
GetTLSALPNCertificate Get the temp certificate for ACME TLS-ALPN-O1 challenge.
func (*Provider) ListenConfiguration ¶
func (p *Provider) ListenConfiguration(config config.Configuration)
ListenConfiguration sets a new Configuration into the configFromListenerChan
func (*Provider) ListenRequest ¶
func (p *Provider) ListenRequest(domain string) (*tls.Certificate, error)
ListenRequest resolves new certificates for a domain from an incoming request and return a valid Certificate to serve (onDemand option)
func (*Provider) Provide ¶
Provide allows the file provider to provide configurations to traefik using the given Configuration channel.
func (*Provider) SetConfigListenerChan ¶
func (p *Provider) SetConfigListenerChan(configFromListenerChan chan config.Configuration)
SetConfigListenerChan initializes the configFromListenerChan
func (*Provider) SetTLSManager ¶
func (p *Provider) SetTLSManager(tlsManager *traefiktls.Manager)
SetTLSManager sets the tls manager to use
type Store ¶
type Store interface { GetAccount() (*Account, error) SaveAccount(*Account) error GetCertificates() ([]*Certificate, error) SaveCertificates([]*Certificate) error GetHTTPChallengeToken(token, domain string) ([]byte, error) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error RemoveHTTPChallengeToken(token, domain string) error AddTLSChallenge(domain string, cert *Certificate) error GetTLSChallenge(domain string) (*Certificate, error) RemoveTLSChallenge(domain string) error }
Store is a generic interface that represents a storage
type StoredData ¶
type StoredData struct { Account *Account Certificates []*Certificate HTTPChallenges map[string]map[string][]byte TLSChallenges map[string]*Certificate }
StoredData represents the data managed by Store