dns challenge with gandi

Yax 2020-06-28 16:43:30 +02:00
parent 67501f5df0
commit 0979a3420a
3 changed files with 19 additions and 5 deletions


@ -1,7 +1,13 @@
# ssl
DNSCHALLENGE_PROVIDER=gandi
GANDI_API_KEY=xxxxxxxxxxxxxxxxx
LETSENCRYPT_EMAIL=root@localhost.localdomain
# sites
DOMAIN=localhost.localdomain
HOST_TRAEFIK=traefik
HOST_GLANCES=glances
HOST_PORTAINER=portainer
HOST_MAIL=mail
# other
TZ=Europe/Paris
LETSENCRYPT_EMAIL=root@localhost.localdomain
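Review bot: `GANDI_API_KEY` is a credential that can rewrite the zone's DNS records, and nothing in this file says the filled-in copy must stay out of version control and be readable by its owner only; a comment above it such as `# secret: DNS API key, keep the real env file untracked and chmod 600` would make that explicit. The compose hunks on this page do not show the variable being handed to the traefik container (no `environment:` or `env_file:` line is visible), so confirm it actually reaches the DNS provider. Separately, the hunk header counts (7 old lines, 13 new, 13 shown) imply no line was removed, so `LETSENCRYPT_EMAIL` appears to be defined twice, under `# ssl` and again under `# other`; drop the second so an edit to the first is not silently overridden.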


@ -12,15 +12,23 @@ services:
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}
- --certificatesresolvers.letsencrypt.acme.storage=/acme.json
- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
#- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
- --certificatesResolvers.letsencrypt.acme.dnsChallenge=true
- --certificatesResolvers.letsencrypt.acme.dnsChallenge.resolvers=1.1.1.1:53,8.8.8.8:53
- --certificatesresolvers.letsencrypt.acme.dnschallenge.provider=${DNSCHALLENGE_PROVIDER}
#- --certificatesResolvers.letsencrypt.acme.dnsChallenge.delayBeforeCheck=0
labels:
- traefik.enable=true
- traefik.http.routers.dashboard.rule=Host(`${HOST_TRAEFIK}.${DOMAIN}`)
- traefik.http.routers.dashboard.entrypoints=web
- traefik.http.routers.dashboard.entrypoints=websecure
- traefik.http.routers.dashboard.service=api@internal
- traefik.http.routers.dashboard.tls=true
- traefik.http.routers.dashboard.tls.certresolver=letsencrypt
- traefik.http.services.dashboard.loadbalancer.server.port=8080
- traefik.http.routers.dashboard.tls.certresolver=letsencrypt
- traefik.http.routers.dashboard.tls.domains[0].main=${DOMAIN}
- traefik.http.routers.dashboard.tls.domains[0].sans=*.${DOMAIN}
#- traefik.http.services.dashboard.loadbalancer.server.port=8080
- traefik.http.routers.dashboard.middlewares=redirect-to-https
# global redirect to https
#- traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
#- traefik.http.routers.http-catchall.entrypoints=web
@ -38,4 +46,4 @@ services:
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /srv/hosting/traefik/acme.json:/acme.json
# - /srv/hosting/traefik/acme.json:/acme.json
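Review bot: The resolver still writes to `acme.storage=/acme.json`, but the last hunk appears to comment out the bind mount for that path, so the store, which now holds the ACME account key and a wildcard private key for `*.${DOMAIN}`, would live in the container's writable layer and vanish on every recreate. Each recreate would then request a fresh certificate, which risks hitting Let's Encrypt rate limits; keep `- /srv/hosting/traefik/acme.json:/acme.json` with the host file at mode 600, unless persistence is handled in a part of the service definition outside these hunks. In the first hunk the dashboard router serves `api@internal` on `websecure` with `redirect-to-https` as its only middleware; no authentication middleware is visible here, so confirm one is attached before this host name is reachable from outside.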