traefik-certs-dumper

command module

v2.8.3 Latest Latest Go to latest Published: Dec 5, 2023 License: Apache-2.0 Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ldez/traefik-certs-dumper

Links

Open Source Insights

README ¶

traefik-certs-dumper

If you appreciate this project:

Features

Supported sources:
- file ("acme.json")
- KV stores (Consul, Etcd, Zookeeper, Boltdb)
Watch changes:
- from file ("acme.json")
- from KV stores (Consul, Etcd, Zookeeper)
Output formats:
- use domain as sub-directory (allow custom names and extensions)
- flat (domain as filename)
Hook (only with watch mode and if the data source changes)

Installation

Download / CI Integration

curl -sfL https://raw.githubusercontent.com/ldez/traefik-certs-dumper/master/godownloader.sh | bash -s -- -b $(go env GOPATH)/bin v2.8.1

From Binaries

You can use pre-compiled binaries:

To get the binary just download the latest release for your OS/Arch from the releases page
Unzip the archive.
Add traefik-certs-dumper in your PATH.

From Docker

docker run ldez/traefik-certs-dumper:<tag_name>

Examples:

Traefik v1: docker-compose
Traefik v2: docker-compose

Usage

Examples

Note: to dump data from Traefik v2, the CLI flag --version v2 must be added.

Simple Dump

$ traefik-certs-dumper file
dump
├──certs
│  └──my.domain.com.key
└──private
   ├──my.domain.com.crt
   └──letsencrypt.key

Change source and destination

$ traefik-certs-dumper file --source ./acme.json --dest ./dump/test
test
├──certs
│  └──my.domain.com.key
└──private
   ├──my.domain.com.crt
   └──letsencrypt.key

Use domain as sub-directory

$ traefik-certs-dumper file --domain-subdir=true
dump
├──my.domain.com
│  ├──certificate.crt
│  └──privatekey.key
└──private
   └──letsencrypt.key

Change file extension

$ traefik-certs-dumper file --domain-subdir --crt-ext=.pem --key-ext=.pem
dump
├──my.domain.com
│  ├──certificate.pem
│  └──privatekey.pem
└──private
   └──letsencrypt.key

Change file name

$ traefik-certs-dumper file --domain-subdir --crt-name=fullchain --key-name=privkey
dump
├──my.domain.com
│  ├──fullchain.crt
│  └──privkey.key
└──private
   └──letsencrypt.key

Hook

Hook can be a one liner passed as a string, or a file for more complex post-hook scenarios. For the former, create a file (ex: hook.sh) and mount it, then pass sh hooksh as a parameter to --post-hook.

Here is a docker-compose example:

version: '3.9'

services:
# ...

  traefik-certs-dumper:
    image: ldez/traefik-certs-dumper:v2.8.1
    container_name: traefik-certs-dumper
    entrypoint: sh -c '
      apk add jq
      ; while ! [ -e /data/acme.json ]
      || ! [ `jq ".[] | .Certificates | length" /data/acme.json` != 0 ]; do
      sleep 1
      ; done
      && traefik-certs-dumper file --version v2 --watch
        --source /data/acme.json --dest /data/certs
        --post-hook "sh /hook.sh"'
    labels:
      traefik.enable: false
    volumes:
      - ./letsencrypt:/data
      - ./hook.sh:/hook.sh

# ...

KV store

Consul

$ traefik-certs-dumper kv consul --endpoints localhost:8500

Etcd

$ traefik-certs-dumper kv etcd --endpoints localhost:2379

Boltdb

$ traefik-certs-dumper kv boltdb --endpoints /the/path/to/mydb.db

Zookeeper

$ traefik-certs-dumper kv zookeeper --endpoints localhost:2181

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
dumper
file
kv
v1
v2
hook
integrationtest

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL