authentik
Let's Encrypt integration
Either DNS based (probably in Go) or via HTTP Challenge (http challenge is sent to and served by outpost)
Or let us give it the certificate directory?
DNS based is a must; HTTP challenge would not work for all scenarios. In my case I have many internal-only endpoints that do have valid certificates that currently are generated by Traefik using DNS challenge; that would not be possible with HTTP challenge.
@samip5 Cert directory certainly sounds like a good first step, a folder on the worker that gets scanned every 5 minutes and all certificates in there will be imported/updated
@dougmaitelli DNS support might be feasible when authentik is all Go and go-lego can be used; I do not want to have to maintain 4728 DNS providers.
@BeryJu, makes sense, I was not aware of go-lego. This is the only feature currently preventing me from migrating from Traefik / Authelia. Thanks for all the hard work!
https://goauthentik.io/docs/core/certificates#external-certificates, will be included in 2021.12.1
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Bump.
Couldn't you replace the proxy with swag, which is based on nginx? Or nginx? Things like crowdsec or modsecurity could be considered as well.
We have a fully working, ready to go, DNS based LE + Zero SSL solution ready using Caddy and our https://github.com/caddy-dns/acmedns
https://caddy.community/t/new-acme-dns-libdns-plugin/15474/3
Let me know what anyone here needs to try it out. Very hands off, with the choice to even host the DNS server yourself, so it's all literally self-hosted.
+1 Vote for DNS based Let's Encrypt
We'll close this as it's already supported by using certbot and importing the certificates, and for other use-cases using a reverse-proxy that manages certificates is recommended.