acme

package
v2.2.11 Latest
Warning

This package is not in the latest version of its module.

Published: Sep 7, 2020 License: MIT Imports: 36 Imported by: 0

Documentation

Constants

const (
	// RegistrationURLPathV1Regexp is a regexp which matches ACME registration URLs in the V1 format.
	RegistrationURLPathV1Regexp = `^.*/acme/reg/\d+$`
)

Variables

This section is empty.

Functions

func CheckFile

func CheckFile(name string) (bool, error)

CheckFile checks file permissions and content size.
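An added example, not the package's own CheckFile: one way to run a permission and size check on the storage file behind LocalStore, which matters because StoredData carries Account.PrivateKey and Certificate.Key. The name auditStorage, the owner-only (0600) policy, the create-if-missing behaviour and the acme.json file name are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// auditStorage is a hypothetical helper, not the package's CheckFile.
// It returns true when the file holds data; the 0600 policy is an assumption.
func auditStorage(name string) (bool, error) {
	fi, err := os.Lstat(name) // Lstat: a symlink is rejected below, not followed
	if errors.Is(err, os.ErrNotExist) {
		f, cerr := os.OpenFile(name, os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0o600)
		if cerr != nil {
			return false, cerr
		}
		return false, f.Close() // created owner-only and still empty
	}
	if err != nil {
		return false, err
	}
	if !fi.Mode().IsRegular() {
		return false, fmt.Errorf("%s is not a regular file", name)
	}
	if perm := fi.Mode().Perm(); perm&0o077 != 0 {
		return false, fmt.Errorf("permissions %o for %s are too open, want 600", perm, name)
	}
	return fi.Size() > 0, nil
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

func main() {
	dir, err := os.MkdirTemp("", "acme-demo")
	must(err)
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, "acme.json") // constructed sample path
	fmt.Println(auditStorage(path))         // missing: created with 0600, no data
	must(os.WriteFile(path, []byte(`{"constructed":true}`), 0o600))
	fmt.Println(auditStorage(path)) // owner-only and non-empty
	must(os.Chmod(path, 0o644))
	fmt.Println(auditStorage(path)) // group/other readable: rejected
}
```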

func GetKeyType

func GetKeyType(ctx context.Context, value string) certcrypto.KeyType

GetKeyType is used to determine which algorithm to use.

Types

type Account

type Account struct {
	Email        string
	Registration *registration.Resource
	PrivateKey   []byte
	KeyType      certcrypto.KeyType
}

Account is used to store Let's Encrypt registration info.

func NewAccount

func NewAccount(ctx context.Context, email, keyTypeValue string) (*Account, error)

NewAccount creates an account.

func (*Account) GetEmail

func (a *Account) GetEmail() string

GetEmail returns email.

func (*Account) GetPrivateKey

func (a *Account) GetPrivateKey() crypto.PrivateKey

GetPrivateKey returns private key.

func (*Account) GetRegistration

func (a *Account) GetRegistration() *registration.Resource

GetRegistration returns the Let's Encrypt registration resource.

type CertAndStore

type CertAndStore struct {
	Certificate
	Store string
}

CertAndStore allows mapping a TLS certificate to a TLS store.

type Certificate

type Certificate struct {
	Domain      types.Domain `json:"domain,omitempty" toml:"domain,omitempty" yaml:"domain,omitempty"`
	Certificate []byte       `json:"certificate,omitempty" toml:"certificate,omitempty" yaml:"certificate,omitempty"`
	Key         []byte       `json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty"`
}

Certificate is a struct which contains all data needed from an ACME certificate.

type ChallengeStore

type ChallengeStore interface {
	GetHTTPChallengeToken(token, domain string) ([]byte, error)
	SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
	RemoveHTTPChallengeToken(token, domain string) error

	AddTLSChallenge(domain string, cert *Certificate) error
	GetTLSChallenge(domain string) (*Certificate, error)
	RemoveTLSChallenge(domain string) error
}

ChallengeStore is a generic interface that represents a store for challenge data.

type Configuration

type Configuration struct {
	Email          string         `description:"Email address used for registration." json:"email,omitempty" toml:"email,omitempty" yaml:"email,omitempty"`
	CAServer       string         `description:"CA server to use." json:"caServer,omitempty" toml:"caServer,omitempty" yaml:"caServer,omitempty"`
	PreferredChain string         `` /* 133-byte string literal not displayed */
	Storage        string         `description:"Storage to use." json:"storage,omitempty" toml:"storage,omitempty" yaml:"storage,omitempty"`
	KeyType        string         `` /* 204-byte string literal not displayed */
	DNSChallenge   *DNSChallenge  `` /* 149-byte string literal not displayed */
	HTTPChallenge  *HTTPChallenge `` /* 153-byte string literal not displayed */
	TLSChallenge   *TLSChallenge  `` /* 154-byte string literal not displayed */
}

Configuration holds ACME configuration provided by users.

func (*Configuration) SetDefaults

func (a *Configuration) SetDefaults()

SetDefaults sets the default values.

type DNSChallenge

type DNSChallenge struct {
	Provider                string         `` /* 148-byte string literal not displayed */
	DelayBeforeCheck        types.Duration `` /* 208-byte string literal not displayed */
	Resolvers               []string       `` /* 151-byte string literal not displayed */
	DisablePropagationCheck bool           `` /* 244-byte string literal not displayed */
}

DNSChallenge contains DNS challenge Configuration.

type HTTPChallenge

type HTTPChallenge struct {
	EntryPoint string `description:"HTTP challenge EntryPoint" json:"entryPoint,omitempty" toml:"entryPoint,omitempty" yaml:"entryPoint,omitempty"`
}

HTTPChallenge contains HTTP challenge Configuration.

type LocalChallengeStore

type LocalChallengeStore struct {
	// contains filtered or unexported fields
}

LocalChallengeStore is an implementation of the ChallengeStore in memory.

func NewLocalChallengeStore

func NewLocalChallengeStore() *LocalChallengeStore

NewLocalChallengeStore initializes a new LocalChallengeStore.

func (*LocalChallengeStore) AddTLSChallenge

func (s *LocalChallengeStore) AddTLSChallenge(domain string, cert *Certificate) error

AddTLSChallenge adds a certificate to the ACME TLS-ALPN-01 certificates storage.

func (*LocalChallengeStore) GetHTTPChallengeToken

func (s *LocalChallengeStore) GetHTTPChallengeToken(token, domain string) ([]byte, error)

GetHTTPChallengeToken gets the HTTP challenge token from the store.

func (*LocalChallengeStore) GetTLSChallenge

func (s *LocalChallengeStore) GetTLSChallenge(domain string) (*Certificate, error)

GetTLSChallenge gets a certificate from the ACME TLS-ALPN-01 certificates storage.

func (*LocalChallengeStore) RemoveHTTPChallengeToken

func (s *LocalChallengeStore) RemoveHTTPChallengeToken(token, domain string) error

RemoveHTTPChallengeToken removes the HTTP challenge token from the store.

func (*LocalChallengeStore) RemoveTLSChallenge

func (s *LocalChallengeStore) RemoveTLSChallenge(domain string) error

RemoveTLSChallenge removes a certificate from the ACME TLS-ALPN-01 certificates storage.

func (*LocalChallengeStore) SetHTTPChallengeToken

func (s *LocalChallengeStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error

SetHTTPChallengeToken sets the HTTP challenge token in the store.

type LocalStore

type LocalStore struct {
	// contains filtered or unexported fields
}

LocalStore is the Store implementation for a local file.

func NewLocalStore

func NewLocalStore(filename string) *LocalStore

NewLocalStore initializes a new LocalStore with a file name.

func (*LocalStore) GetAccount

func (s *LocalStore) GetAccount(resolverName string) (*Account, error)

GetAccount returns ACME Account.

func (*LocalStore) GetCertificates

func (s *LocalStore) GetCertificates(resolverName string) ([]*CertAndStore, error)

GetCertificates returns ACME Certificates list.

func (*LocalStore) SaveAccount

func (s *LocalStore) SaveAccount(resolverName string, account *Account) error

SaveAccount stores ACME Account.

func (*LocalStore) SaveCertificates

func (s *LocalStore) SaveCertificates(resolverName string, certificates []*CertAndStore) error

SaveCertificates stores ACME Certificates list.

type Provider

type Provider struct {
	*Configuration
	ResolverName   string
	Store          Store `json:"store,omitempty" toml:"store,omitempty" yaml:"store,omitempty"`
	ChallengeStore ChallengeStore
	// contains filtered or unexported fields
}

Provider holds configurations of the provider.

func (*Provider) CreateHandler added in v2.1.0

func (p *Provider) CreateHandler(notFoundHandler http.Handler) http.Handler

CreateHandler creates an HTTP handler to expose the token for the HTTP challenge.

func (*Provider) GetTLSALPNCertificate

func (p *Provider) GetTLSALPNCertificate(domain string) (*tls.Certificate, error)

GetTLSALPNCertificate gets the temporary certificate for the ACME TLS-ALPN-01 challenge.

func (*Provider) Init

func (p *Provider) Init() error

Init: for compatibility reasons, the BaseProvider implements an empty Init.

func (*Provider) ListenConfiguration

func (p *Provider) ListenConfiguration(config dynamic.Configuration)

ListenConfiguration sets a new Configuration into the configFromListenerChan.

func (*Provider) Provide

func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe.Pool) error

Provide allows the file provider to provide configurations to traefik using the given Configuration channel.

func (*Provider) SetConfigListenerChan

func (p *Provider) SetConfigListenerChan(configFromListenerChan chan dynamic.Configuration)

SetConfigListenerChan initializes the configFromListenerChan.

func (*Provider) SetTLSManager

func (p *Provider) SetTLSManager(tlsManager *traefiktls.Manager)

SetTLSManager sets the tls manager to use.

type Store

type Store interface {
	GetAccount(string) (*Account, error)
	SaveAccount(string, *Account) error
	GetCertificates(string) ([]*CertAndStore, error)
	SaveCertificates(string, []*CertAndStore) error
}

Store is a generic interface that represents a storage.

type StoredChallengeData

type StoredChallengeData struct {
	HTTPChallenges map[string]map[string][]byte
	TLSChallenges  map[string]*Certificate
}

StoredChallengeData represents the data managed by ChallengeStore.

type StoredData

type StoredData struct {
	Account      *Account
	Certificates []*CertAndStore
}

StoredData represents the data managed by Store.

type TLSChallenge

type TLSChallenge struct{}

TLSChallenge contains TLS challenge Configuration.
