From 5aabb51cb599ec8227c863b62f28ed3e4a11b994 Mon Sep 17 00:00:00 2001 From: Joey Hafner Date: Thu, 15 Aug 2024 11:34:15 -0700 Subject: [PATCH] #4 Add debug logging Switch back to just one token with both Zone/DNS/Edit and Zone/Zone/Read permissions for 'All zones from account' --- homelab/fighter/config/traefik/docker-compose.yml | 3 +-- homelab/fighter/config/traefik/secrets.enc.env | 11 +++++------ homelab/fighter/config/traefik/traefik.yaml | 4 +++- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/homelab/fighter/config/traefik/docker-compose.yml b/homelab/fighter/config/traefik/docker-compose.yml index ac379131..96070faf 100644 --- a/homelab/fighter/config/traefik/docker-compose.yml +++ b/homelab/fighter/config/traefik/docker-compose.yml @@ -18,8 +18,7 @@ services: - $DOCKER_DATA/acme.json:/acme.json - $DOCKER_DATA/acme-dns01.json:/acme-dns01.json environment: - - CLOUDFLARE_DNS_API_TOKEN=${traefik_CF_DNS_API_TOKEN} - - CLOUDFLARE_ZONE_API_TOKEN=${traefik_CF_ZONE_API_TOKEN} + - CLOUDFLARE_DNS_API_TOKEN=${traefik_CLOUDFLARE_DNS_API_TOKEN} networks: web: diff --git a/homelab/fighter/config/traefik/secrets.enc.env b/homelab/fighter/config/traefik/secrets.enc.env index 0f43bf03..f8e173eb 100644 --- a/homelab/fighter/config/traefik/secrets.enc.env +++ b/homelab/fighter/config/traefik/secrets.enc.env @@ -1,10 +1,9 @@ -traefik_CF_DNS_API_TOKEN=ENC[AES256_GCM,data:KZMsmI/SbIeElj0jSHrgOQGJlMOf+Aja2OohITtC5sC7lddkovtv0gkJ,iv:Fh5OP6k4l1XpboKtIryiauN7bwWMfwLMw00o5ymGgHE=,tag:Qcn4iWqN4jVOZHcaLHcvug==,type:str] -traefik_CF_ZONE_API_TOKEN=ENC[AES256_GCM,data:mHN44Q1LMfU6nOjV1Rp3JysykhcQfg2Ijz9urbR4sMwNZs5PMF3xbjUa,iv:laG412/9TL1iVxz2t8+ncu1YYIovbey3eMuyPWrvuh0=,tag:0a93yqp5MmiL7X4BkpcP+Q==,type:str] -sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDTDVRa3dVU0JIZFp4S0dD\nTmZ0R3FrblJ6ZjVrZGVLWE0xc0s0aGVQVDBRCnlYRlIzUlZrZVl5S0tkWXNYMzI0\nRkJxVGxHOXNKOWtTMHZqS2p1RDF2aEUKLS0tIFlOVjd0QzUzNVp2aGZUODl0Zm0r\nbW4xYlMzenlLaDRKMmR5K2ZUb2tlUjAKWkhPzGYj4t8hNXzWw3rgmZ60MU+5VUJT\nKYOELuCvDsETaikH2aKhLtcVqtzrrRmeZN8+Mq6QPIzBmAT+AA6/wQ==\n-----END AGE ENCRYPTED FILE-----\n +traefik_CLOUDFLARE_DNS_API_TOKEN=ENC[AES256_GCM,data:2ABtZAM6cdNJsvDixm3dmrC0jbD99kSvqqMrib3SIfBFYAA/t8HEgSoG,iv:gqBvCFALZx1DLoU8JHnC7lLNKjq5dGDcDr4m6G19ieE=,tag:N76UAUWHZ/mb/XYT66dk5w==,type:str] +sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzRXhQM003Sy95QmJkWThx\nMTF5ZHBIYi9QQlNtRlZtS1h6YUdFSks4ejJvClhtcEI4M1ZTeE4xcXRSWWxrVzhJ\nMmJuN0RrZXBGVVU3ek9QeGQzS0s0elUKLS0tIEJuSXVQZjlnMXg5aCtQYTFmZUZk\nNzVXR0k4ZUZZSDBkckdjU0g3ekd1Zk0KkU2rU+Ft9syX7sMF8k9gHEZOWLQ1MYXR\nF4JC5KWtK+phJYIyv/gx4pQ/NGOryhq3gGETG+/vqF3yrcs3FWQW2g==\n-----END AGE ENCRYPTED FILE-----\n sops_age__list_0__map_recipient=age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00 -sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWdHF5MTJiV3d0U1NFdmIx\nenEyTVRGZjRobEtsV3Y2azBGWUptQ2l6UHdrCkFKZFppUGxLNVJXRlM2U2h0eE1P\nVVlHbWtiNXpyYVZMTVpYNG1tT3RHSlEKLS0tIHlsWTBrZ2hTMnJISXMyQ3QvNEF1\nWVlhZFQ0Nkp4UGh1OVk0Nk9QeXliazQKm5LbD3tFDNi1rcgiKQYo0j0N2/nwagaG\nkj3Kdv5FxY2K/oZ9ZP7/D8kTlDstr8Mvp7J5ujgLvjm+AYYihnXB6w==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3aHVDOE5zY2ZiTHBxbzhi\nMmd0UUQvZ1B4emxhNVBZOC9qQ3lXWXdPOWtzCkJRTFhTYytEc3IxQVlyek85TDhW\nWDdTeXltTlpWQk9DeVpnTFJlb1ZuNnMKLS0tIGR4V0FvNmw4L0k2NVJoU3QwRHov\nQjRiWFZNRmxTOVZQeDB1bzFkdy9Ga0UKdT8tiGHkAnDpaajlrr4LkJH0hAD+2SRR\nlYk3646aC3KUFwQLMrboUldjqI08LAeqp244xAn99XiyVHmPLCJGFw==\n-----END AGE ENCRYPTED FILE-----\n sops_age__list_1__map_recipient=age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855 -sops_lastmodified=2024-08-15T17:45:12Z -sops_mac=ENC[AES256_GCM,data:os+jVmVPt18BliMTrNqC2h+oD9bJujm/17M5CtwSZk3l7M1FP7l8JT4+aLGSEk3vN89AjDE0y9pqV4bC27sUJKEmSaSCasubynZ0oxNRVo/2u//tY679PZueRwoUSQsNIuFXu+QMmtv4CfbyNHYgfbc3LwCdipixD8/FcSe7P70=,iv:smbAeRI9P4Gxuza9uz47J9YquN3BxGFPp+j3fZ1/5jo=,tag:yxNKAnMplhWJugCcuIvFYQ==,type:str] +sops_lastmodified=2024-08-15T18:33:02Z +sops_mac=ENC[AES256_GCM,data:rJTZxtpodyx0bAtoqtog29TNwp3IkdO2sDCysjWMycUxJfjjTFq3+YMzWHgf5WOCQdrY654CS04J0/zCy4+gEYB95gj09AROaa6oXtGSOtr2Wnhb9mrEoFrYHlOltMuYxDT4u25pLl9zlkIo3Fuzz/Ch9M5QsAx54bNA0jJ6L5c=,iv:+uTwDD5BzTeNNuRVGsTZlkuDcVkC7N+GXGw3FlW6W6c=,tag:7TMzUGohvbx+9ddBtuLc3w==,type:str] sops_unencrypted_suffix=_unencrypted sops_version=3.9.0 diff --git a/homelab/fighter/config/traefik/traefik.yaml b/homelab/fighter/config/traefik/traefik.yaml index 6dc61137..98f511ff 100644 --- a/homelab/fighter/config/traefik/traefik.yaml +++ b/homelab/fighter/config/traefik/traefik.yaml @@ -12,6 +12,9 @@ entryPoints: metrics: prometheus: {} +log: + level: DEBUG + certificatesResolvers: lets-encrypt: acme: @@ -28,7 +31,6 @@ certificatesResolvers: resolvers: - "1.1.1.1:53" - "8.8.8.8:53" - # CF_DNS_API_TOKEN api: insecure: true