acme

package

v1.6.5 Latest Latest Go to latest Published: Jul 10, 2018 License: MIT Imports: 32 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/blrn/traefik

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Constants
Variables
func CheckFile(name string) (bool, error)
func IsEnabled() bool
type Account
- func NewAccount(email string) (*Account, error)
type Certificate
type Configuration
type DNSChallenge
type HTTPChallenge
type LocalStore
- func NewLocalStore(filename string) *LocalStore
type Provider
- func Get() *Provider
type Store
type StoredData

Constants ¶

View Source

const (
	// RegistrationURLPathV1Regexp is a regexp which match ACME registration URL in the V1 format
	RegistrationURLPathV1Regexp = `^.*/acme/reg/\d+$`
)

Variables ¶

View Source

var (
	// OSCPMustStaple enables OSCP stapling as from https://github.com/xenolf/lego/issues/270
	OSCPMustStaple = false
)

Functions ¶

func CheckFile ¶

func CheckFile(name string) (bool, error)

CheckFile checks file permissions and content size

func IsEnabled ¶

func IsEnabled() bool

IsEnabled returns true if the provider instance and its configuration are not nil, otherwise false

Types ¶

type Account ¶

type Account struct {
	Email        string
	Registration *acme.RegistrationResource
	PrivateKey   []byte
}

Account is used to store lets encrypt registration info

func NewAccount ¶

func NewAccount(email string) (*Account, error)

NewAccount creates an account

func (*Account) GetEmail ¶

func (a *Account) GetEmail() string

GetEmail returns email

func (*Account) GetPrivateKey ¶

func (a *Account) GetPrivateKey() crypto.PrivateKey

GetPrivateKey returns private key

func (*Account) GetRegistration ¶

func (a *Account) GetRegistration() *acme.RegistrationResource

GetRegistration returns lets encrypt registration resource

type Certificate ¶

type Certificate struct {
	Domain      types.Domain
	Certificate []byte
	Key         []byte
}

Certificate is a struct which contains all data needed from an ACME certificate

type Configuration ¶

type Configuration struct {
	Email       string `description:"Email address used for registration"`
	ACMELogging bool   `description:"Enable debug logging of ACME actions."`
	CAServer    string `description:"CA server to use."`
	Storage     string `description:"Storage to use."`
	EntryPoint  string `description:"EntryPoint to use."`
	OnHostRule  bool   `description:"Enable certificate generation on frontends Host rules."`
	OnDemand    bool   `` // Deprecated
	/* 189-byte string literal not displayed */
	DNSChallenge  *DNSChallenge  `description:"Activate DNS-01 Challenge"`
	HTTPChallenge *HTTPChallenge `description:"Activate HTTP-01 Challenge"`
	Domains       []types.Domain `` /* 233-byte string literal not displayed */
}

Configuration holds ACME configuration provided by users

type DNSChallenge ¶

type DNSChallenge struct {
	Provider         string         `description:"Use a DNS-01 based challenge provider rather than HTTPS."`
	DelayBeforeCheck flaeg.Duration `description:"Assume DNS propagates after a delay in seconds rather than finding and querying nameservers."`
}

DNSChallenge contains DNS challenge Configuration

type HTTPChallenge ¶

type HTTPChallenge struct {
	EntryPoint string `description:"HTTP challenge EntryPoint"`
}

HTTPChallenge contains HTTP challenge Configuration

type LocalStore ¶

type LocalStore struct {
	SaveDataChan chan *StoredData `json:"-"`
	// contains filtered or unexported fields
}

LocalStore Store implementation for local file

func NewLocalStore ¶

func NewLocalStore(filename string) *LocalStore

NewLocalStore initializes a new LocalStore with a file name

func (*LocalStore) GetAccount ¶

func (s *LocalStore) GetAccount() (*Account, error)

GetAccount returns ACME Account

func (*LocalStore) GetCertificates ¶

func (s *LocalStore) GetCertificates() ([]*Certificate, error)

GetCertificates returns ACME Certificates list

func (*LocalStore) GetHTTPChallengeToken ¶ added in v1.6.5

func (s *LocalStore) GetHTTPChallengeToken(token, domain string) ([]byte, error)

GetHTTPChallengeToken Get the http challenge token from the store

func (*LocalStore) RemoveHTTPChallengeToken ¶ added in v1.6.5

func (s *LocalStore) RemoveHTTPChallengeToken(token, domain string) error

RemoveHTTPChallengeToken Remove the http challenge token in the store

func (*LocalStore) SaveAccount ¶

func (s *LocalStore) SaveAccount(account *Account) error

SaveAccount stores ACME Account

func (*LocalStore) SaveCertificates ¶

func (s *LocalStore) SaveCertificates(certificates []*Certificate) error

SaveCertificates stores ACME Certificates list

func (*LocalStore) SetHTTPChallengeToken ¶ added in v1.6.5

func (s *LocalStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error

SetHTTPChallengeToken Set the http challenge token in the store

type Provider ¶

type Provider struct {
	*Configuration
	Store Store
	// contains filtered or unexported fields
}

Provider holds configurations of the provider.

func Get ¶

func Get() *Provider

Get returns the provider instance

func (*Provider) AddRoutes ¶

func (p *Provider) AddRoutes(router *mux.Router)

AddRoutes add routes on internal router

func (*Provider) CleanUp ¶

func (p *Provider) CleanUp(domain, token, keyAuth string) error

CleanUp cleans the challenges when certificate is obtained

func (*Provider) ListenConfiguration ¶

func (p *Provider) ListenConfiguration(config types.Configuration)

ListenConfiguration sets a new Configuration into the configFromListenerChan

func (*Provider) ListenRequest ¶

func (p *Provider) ListenRequest(domain string) (*tls.Certificate, error)

ListenRequest resolves new certificates for a domain from an incoming request and return a valid Certificate to serve (onDemand option)

func (*Provider) Present ¶

func (p *Provider) Present(domain, token, keyAuth string) error

Present presents a challenge to obtain new ACME certificate

func (*Provider) Provide ¶

func (p *Provider) Provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool, constraints types.Constraints) error

Provide allows the file provider to provide configurations to traefik using the given Configuration channel.

func (*Provider) SetConfigListenerChan ¶

func (p *Provider) SetConfigListenerChan(configFromListenerChan chan types.Configuration)

SetConfigListenerChan initializes the configFromListenerChan

func (*Provider) SetDynamicCertificates ¶

func (p *Provider) SetDynamicCertificates(safe *safe.Safe)

SetDynamicCertificates allow to initialize dynamicCerts map

func (*Provider) SetStaticCertificates ¶

func (p *Provider) SetStaticCertificates(staticCerts map[string]*tls.Certificate)

SetStaticCertificates allow to initialize staticCerts map

func (*Provider) Timeout ¶

func (p *Provider) Timeout() (timeout, interval time.Duration)

Timeout calculates the maximum of time allowed to resolved an ACME challenge

type Store ¶

type Store interface {
	GetAccount() (*Account, error)
	SaveAccount(*Account) error
	GetCertificates() ([]*Certificate, error)
	SaveCertificates([]*Certificate) error
	GetHTTPChallengeToken(token, domain string) ([]byte, error)
	SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
	RemoveHTTPChallengeToken(token, domain string) error
}

Store is a generic interface to represents a storage

type StoredData ¶

type StoredData struct {
	Account        *Account
	Certificates   []*Certificate
	HTTPChallenges map[string]map[string][]byte
}

StoredData represents the data managed by the Store

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL