traefik-certificate-extractor
traefik-certificate-extractor copied to clipboard
Published
20 hours ago •
SnowMB
SnowMB
New version needed for traefik V2.0
As the traefik V2.0 container creates a slightly different acme.json v2 file format code changes are needed:
diff -c extractor.py extractor.py.orig
*** extractor.py 2019-09-23 21:30:37.703743606 +0200
--- extractor.py.orig 2019-09-23 21:17:22.761616058 +0200
***************
*** 87,93 ****
def createCerts(args):
# Read JSON file
! data = json.loads(open(args.certificate).read())['default']
# Determine ACME version
acme_version = 2 if 'acme-v02' in data['Account']['Registration']['uri'] else 1
--- 87,93 ----
def createCerts(args):
# Read JSON file
! data = json.loads(open(args.certificate).read())
# Determine ACME version
acme_version = 2 if 'acme-v02' in data['Account']['Registration']['uri'] else 1
***************
*** 108,120 ****
fullchain = c['Certificate']['Certificate']
sans = c['Domains']['SANs']
elif acme_version == 2:
! name = c['domain']['main']
! privatekey = c['key']
! fullchain = c['certificate']
! if 'sans' in c['domain']:
! sans = c['domain']['sans']
! else:
! sans = []
if (args.include and name not in args.include) or (args.exclude and name in args.exclude):
continue
--- 108,117 ----
fullchain = c['Certificate']['Certificate']
sans = c['Domains']['SANs']
elif acme_version == 2:
! name = c['Domain']['Main']
! privatekey = c['Key']
! fullchain = c['Certificate']
! sans = c['Domain']['SANs']
if (args.include and name not in args.include) or (args.exclude and name in args.exclude):
continue
However even with this change the use in a dockerized enviornment seems not to work, as it does not recognize changes of acme.json on the Dockerhost. Also missing is an initial run, i.e. if a acme.json was already created, none of the keys are created unless a change of acme.json is detected.