wildcard certs are here!!!
This commit is contained in:
parent
078891a0a9
commit
8e90029a84
|
@ -37,6 +37,14 @@ resource "cloudflare_record" "internet-wildcard" {
|
|||
ttl = 3600
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "acme-no-cname-1" {
|
||||
domain = "${var.domain}"
|
||||
name = "_acme-challenge.${var.domain}"
|
||||
type = "A"
|
||||
value = "127.0.0.1"
|
||||
ttl = "300"
|
||||
}
|
||||
|
||||
/**
|
||||
* vpn.bb8.fun
|
||||
* *.vpn.bb8.fun
|
||||
|
|
|
@ -85,13 +85,13 @@ acmelogging = true
|
|||
[acme.httpChallenge]
|
||||
entryPoint = "http"
|
||||
|
||||
# Keep DNS challenge disabled
|
||||
# for now
|
||||
# [acme.dnsChallenge]
|
||||
# provider = "cloudflare"
|
||||
# delayBeforeCheck = 5
|
||||
# Get wildcard once possible
|
||||
[acme.dnsChallenge]
|
||||
provider = "cloudflare"
|
||||
delayBeforeCheck = 30
|
||||
|
||||
# This is a legacy certificate
|
||||
# From when traefik did not support
|
||||
# wildcard certs
|
||||
[[acme.domains]]
|
||||
main = "bb8.fun"
|
||||
sans = [
|
||||
|
@ -126,3 +126,9 @@ sans = [
|
|||
"wifi.bb8.fun",
|
||||
"wiki.bb8.fun"
|
||||
]
|
||||
# Primary 2 wildcard certs
|
||||
[[acme.domains]]
|
||||
main = "*.bb8.fun"
|
||||
# Internal services are also protected!
|
||||
[[acme.domains]]
|
||||
main = "*.in.bb8.fun"
|
||||
|
|
|
@ -17,7 +17,7 @@ data "docker_registry_image" "transmission" {
|
|||
}
|
||||
|
||||
data "docker_registry_image" "traefik" {
|
||||
name = "traefik:cancoillotte-alpine"
|
||||
name = "traefik:1.6"
|
||||
}
|
||||
|
||||
data "docker_registry_image" "wikijs" {
|
||||
|
|
Loading…
Reference in New Issue