dns challenge with gandi
This commit is contained in:
parent
67501f5df0
commit
0979a3420a
3 changed files with 19 additions and 5 deletions
|
@ -1,7 +1,13 @@
|
|||
# ssl
|
||||
DNSCHALLENGE_PROVIDER=gandi
|
||||
GANDI_API_KEY=xxxxxxxxxxxxxxxxx
|
||||
LETSENCRYPT_EMAIL=root@localhost.localdomain
|
||||
# sites
|
||||
DOMAIN=localhost.localdomain
|
||||
HOST_TRAEFIK=traefik
|
||||
HOST_GLANCES=glances
|
||||
HOST_PORTAINER=portainer
|
||||
HOST_MAIL=mail
|
||||
# other
|
||||
TZ=Europe/Paris
|
||||
LETSENCRYPT_EMAIL=root@localhost.localdomain
|
||||
|
||||
|
|
|
@ -12,15 +12,23 @@ services:
|
|||
- --entrypoints.websecure.address=:443
|
||||
- --certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}
|
||||
- --certificatesresolvers.letsencrypt.acme.storage=/acme.json
|
||||
- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
|
||||
#- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
|
||||
- --certificatesResolvers.letsencrypt.acme.dnsChallenge=true
|
||||
- --certificatesResolvers.letsencrypt.acme.dnsChallenge.resolvers=1.1.1.1:53,8.8.8.8:53
|
||||
- --certificatesresolvers.letsencrypt.acme.dnschallenge.provider=${DNSCHALLENGE_PROVIDER}
|
||||
#- --certificatesResolvers.letsencrypt.acme.dnsChallenge.delayBeforeCheck=0
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.dashboard.rule=Host(`${HOST_TRAEFIK}.${DOMAIN}`)
|
||||
- traefik.http.routers.dashboard.entrypoints=web
|
||||
- traefik.http.routers.dashboard.entrypoints=websecure
|
||||
- traefik.http.routers.dashboard.service=api@internal
|
||||
- traefik.http.routers.dashboard.tls=true
|
||||
- traefik.http.routers.dashboard.tls.certresolver=letsencrypt
|
||||
- traefik.http.services.dashboard.loadbalancer.server.port=8080
|
||||
- traefik.http.routers.dashboard.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.dashboard.tls.domains[0].main=${DOMAIN}
|
||||
- traefik.http.routers.dashboard.tls.domains[0].sans=*.${DOMAIN}
|
||||
#- traefik.http.services.dashboard.loadbalancer.server.port=8080
|
||||
- traefik.http.routers.dashboard.middlewares=redirect-to-https
|
||||
# global redirect to https
|
||||
#- traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
|
||||
#- traefik.http.routers.http-catchall.entrypoints=web
|
||||
|
@ -38,4 +46,4 @@ services:
|
|||
restart: unless-stopped
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- /srv/hosting/traefik/acme.json:/acme.json
|
||||
# - /srv/hosting/traefik/acme.json:/acme.json
|
||||
|
|
Loading…
Add table
Reference in a new issue