Init Traefik certresolver for dns01 challenges

2024-08-12 16:40:17 -07:00 · 2024-08-12 16:40:17 -07:00 · b01948219f
commit b01948219f
parent 3b2c9039c5
3 changed files with 20 additions and 0 deletions
--- a/homelab/fighter/.gitignore
+++ b/homelab/fighter/.gitignore
@ -0,0 +1 @@
+secrets.env
--- a/homelab/fighter/config/traefik/docker-compose.yml
+++ b/homelab/fighter/config/traefik/docker-compose.yml
@ -16,9 +16,17 @@ services:
      - ./traefik.yaml:/traefik.yaml
      - ./config:/config
      - $DOCKER_DATA/acme.json:/acme.json
+    secrets:
+      - cloudflare_token
+    environment:
+      - CF_DNS_API_TOKEN=/run/secrets/cloudflare_token

 networks:
  web:
    external: true
  monitoring:
    external: true
+
+secrets:
+  cloudflare_token:
+    file: ./cloudflare_secret.txt
--- a/homelab/fighter/config/traefik/traefik.yaml
+++ b/homelab/fighter/config/traefik/traefik.yaml
@ -18,6 +18,17 @@ certificatesResolvers:
      email: jafner425@gmail.com
      storage: acme.json
      tlsChallenge: {}
+  lets-encrypt-dns01:
+    acme:
+      email: jafner425@gmail.com
+      storage: acme.json
+      caserver: https://acme-staging-v02.api.letsencrypt.org/directory
+      dnsChallenge: 
+        provider: cloudflare
+        resolvers:
+          - "1.1.1.1:53"
+          - "8.8.8.8:53"
+        # CF_DNS_API_TOKEN 

 api: 
  insecure: true