acme

package
v2.11.3
Warning

This package is not in the latest version of its module.

Published: May 21, 2024 License: MIT Imports: 39 Imported by: 7

Documentation

Constants

const (
	// RegistrationURLPathV1Regexp is a regexp which matches ACME registration URLs in the V1 format.
	RegistrationURLPathV1Regexp = `^.*/acme/reg/\d+$`
)

Variables

This section is empty.

Functions

func CheckFile

func CheckFile(name string) (bool, error)

CheckFile checks file permissions and content size.

func GetKeyType

func GetKeyType(ctx context.Context, value string) certcrypto.KeyType

GetKeyType is used to determine which algorithm to use.

Types

type Account

type Account struct {
	Email        string
	Registration *registration.Resource
	PrivateKey   []byte
	KeyType      certcrypto.KeyType
}

Account is used to store Let's Encrypt registration info.

func NewAccount

func NewAccount(ctx context.Context, email, keyTypeValue string) (*Account, error)

NewAccount creates an account.

func (*Account) GetEmail

func (a *Account) GetEmail() string

GetEmail returns email.

func (*Account) GetPrivateKey

func (a *Account) GetPrivateKey() crypto.PrivateKey

GetPrivateKey returns private key.

func (*Account) GetRegistration

func (a *Account) GetRegistration() *registration.Resource

GetRegistration returns the Let's Encrypt registration resource.

type CertAndStore

type CertAndStore struct {
	Certificate
	Store string
}

CertAndStore allows mapping a TLS certificate to a TLS store.

type Certificate

type Certificate struct {
	Domain      types.Domain `json:"domain,omitempty" toml:"domain,omitempty" yaml:"domain,omitempty"`
	Certificate []byte       `json:"certificate,omitempty" toml:"certificate,omitempty" yaml:"certificate,omitempty"`
	Key         []byte       `json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty"`
}

Certificate is a struct which contains all data needed from an ACME certificate.

type ChallengeHTTP added in v2.4.0

type ChallengeHTTP struct {
	// contains filtered or unexported fields
}

ChallengeHTTP is an HTTP challenge provider that implements challenge.Provider.

func NewChallengeHTTP added in v2.4.0

func NewChallengeHTTP() *ChallengeHTTP

NewChallengeHTTP creates a new ChallengeHTTP.

func (*ChallengeHTTP) CleanUp added in v2.4.0

func (c *ChallengeHTTP) CleanUp(domain, token, _ string) error

CleanUp cleans the challenges when the certificate is obtained.

func (*ChallengeHTTP) Present added in v2.4.0

func (c *ChallengeHTTP) Present(domain, token, keyAuth string) error

Present presents a challenge to obtain a new ACME certificate.

func (*ChallengeHTTP) ServeHTTP added in v2.4.0

func (c *ChallengeHTTP) ServeHTTP(rw http.ResponseWriter, req *http.Request)

func (*ChallengeHTTP) Timeout added in v2.4.0

func (c *ChallengeHTTP) Timeout() (timeout, interval time.Duration)

Timeout calculates the maximum time allowed to resolve an ACME challenge.

type ChallengeTLSALPN added in v2.4.0

type ChallengeTLSALPN struct {
	// contains filtered or unexported fields
}

ChallengeTLSALPN is a TLS-ALPN challenge provider that implements challenge.Provider.

func NewChallengeTLSALPN added in v2.4.0

func NewChallengeTLSALPN() *ChallengeTLSALPN

NewChallengeTLSALPN creates a new ChallengeTLSALPN.

func (*ChallengeTLSALPN) CleanUp added in v2.4.0

func (c *ChallengeTLSALPN) CleanUp(domain, _, keyAuth string) error

CleanUp cleans the challenges when the certificate is obtained.

func (*ChallengeTLSALPN) Init added in v2.4.0

func (c *ChallengeTLSALPN) Init() error

Init initializes the provider.

func (*ChallengeTLSALPN) ListenConfiguration added in v2.4.0

func (c *ChallengeTLSALPN) ListenConfiguration(conf dynamic.Configuration)

ListenConfiguration sets a new Configuration into the configurationChan.

func (*ChallengeTLSALPN) Present added in v2.4.0

func (c *ChallengeTLSALPN) Present(domain, _, keyAuth string) error

Present presents a challenge to obtain a new ACME certificate.

func (*ChallengeTLSALPN) Provide added in v2.4.0

func (c *ChallengeTLSALPN) Provide(configurationChan chan<- dynamic.Message, _ *safe.Pool) error

Provide allows the provider to provide configurations to traefik using the given configuration channel.

func (*ChallengeTLSALPN) ThrottleDuration added in v2.7.0

func (c *ChallengeTLSALPN) ThrottleDuration() time.Duration

ThrottleDuration returns the throttle duration.

type Configuration

type Configuration struct {
	Email                string `description:"Email address used for registration." json:"email,omitempty" toml:"email,omitempty" yaml:"email,omitempty"`
	CAServer             string `description:"CA server to use." json:"caServer,omitempty" toml:"caServer,omitempty" yaml:"caServer,omitempty"`
	PreferredChain       string `` /* 147-byte string literal not displayed */
	Storage              string `description:"Storage to use." json:"storage,omitempty" toml:"storage,omitempty" yaml:"storage,omitempty" export:"true"`
	KeyType              string `` /* 218-byte string literal not displayed */
	EAB                  *EAB   `description:"External Account Binding to use." json:"eab,omitempty" toml:"eab,omitempty" yaml:"eab,omitempty"`
	CertificatesDuration int    `` /* 174-byte string literal not displayed */

	DNSChallenge  *DNSChallenge  `` /* 181-byte string literal not displayed */
	HTTPChallenge *HTTPChallenge `` /* 185-byte string literal not displayed */
	TLSChallenge  *TLSChallenge  `` /* 186-byte string literal not displayed */
}

Configuration holds ACME configuration provided by users.

func (*Configuration) SetDefaults

func (a *Configuration) SetDefaults()

SetDefaults sets the default values.

type DNSChallenge

type DNSChallenge struct {
	Provider                string          `` /* 162-byte string literal not displayed */
	DelayBeforeCheck        ptypes.Duration `` /* 222-byte string literal not displayed */
	Resolvers               []string        `` /* 151-byte string literal not displayed */
	DisablePropagationCheck bool            `` /* 258-byte string literal not displayed */
}

DNSChallenge contains DNS challenge configuration.

type EAB added in v2.4.0

type EAB struct {
	Kid         string `` /* 126-byte string literal not displayed */
	HmacEncoded string `` /* 159-byte string literal not displayed */
}

EAB contains External Account Binding configuration.

type HTTPChallenge

type HTTPChallenge struct {
	EntryPoint string `` /* 137-byte string literal not displayed */
}

HTTPChallenge contains HTTP challenge configuration.

type LocalStore

type LocalStore struct {
	// contains filtered or unexported fields
}

LocalStore is a Store implementation for a local file.

func NewLocalStore

func NewLocalStore(filename string) *LocalStore

NewLocalStore initializes a new LocalStore with a file name.

func (*LocalStore) GetAccount

func (s *LocalStore) GetAccount(resolverName string) (*Account, error)

GetAccount returns ACME Account.

func (*LocalStore) GetCertificates

func (s *LocalStore) GetCertificates(resolverName string) ([]*CertAndStore, error)

GetCertificates returns ACME Certificates list.

func (*LocalStore) SaveAccount

func (s *LocalStore) SaveAccount(resolverName string, account *Account) error

SaveAccount stores ACME Account.

func (*LocalStore) SaveCertificates

func (s *LocalStore) SaveCertificates(resolverName string, certificates []*CertAndStore) error

SaveCertificates stores ACME Certificates list.

type Provider

type Provider struct {
	*Configuration
	ResolverName string
	Store        Store `json:"store,omitempty" toml:"store,omitempty" yaml:"store,omitempty"`

	TLSChallengeProvider  challenge.Provider
	HTTPChallengeProvider challenge.Provider
	// contains filtered or unexported fields
}

Provider holds configurations of the provider.

func (*Provider) Init

func (p *Provider) Init() error

Init exists for compatibility reasons: the BaseProvider implements an empty Init.

func (*Provider) ListenConfiguration

func (p *Provider) ListenConfiguration(config dynamic.Configuration)

ListenConfiguration sets a new Configuration into the configFromListenerChan.

func (*Provider) Provide

func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe.Pool) error

Provide allows the file provider to provide configurations to traefik using the given Configuration channel.

func (*Provider) SetConfigListenerChan

func (p *Provider) SetConfigListenerChan(configFromListenerChan chan dynamic.Configuration)

SetConfigListenerChan initializes the configFromListenerChan.

func (*Provider) SetTLSManager

func (p *Provider) SetTLSManager(tlsManager *traefiktls.Manager)

SetTLSManager sets the TLS manager to use.

func (*Provider) ThrottleDuration added in v2.7.0

func (p *Provider) ThrottleDuration() time.Duration

ThrottleDuration returns the throttle duration.

type Store

type Store interface {
	GetAccount(resolverName string) (*Account, error)
	SaveAccount(resolverName string, account *Account) error
	GetCertificates(resolverName string) ([]*CertAndStore, error)
	SaveCertificates(resolverName string, certificates []*CertAndStore) error
}

Store is a generic interface that represents a storage.

type StoredData

type StoredData struct {
	Account      *Account
	Certificates []*CertAndStore
}

StoredData represents the data managed by Store.

type TLSChallenge

type TLSChallenge struct{}

TLSChallenge contains TLS challenge configuration.
