traefik-acme icon indicating copy to clipboard operation
traefik-acme copied to clipboard

Published 20 hours ago verified publisher icon koshatul

Metadata

Extract certificates from acme.json created by traefik.

~traefik-acme~

I'm not maintaining this anymore, so I've given it over to na4ma4/traefik-acme.

ci

~Extract certificates from acme.json created by traefik.~

Why

Using traefik to do the work of certbot is good, but sometimes you have other services that need access to the certificate, this CLI tool extracts them out so you can use them outside of traefik.

Usage

Usage:
  traefik-acme <domain> [flags]

Flags:
  -a, --acme string                   Location of acme.json file (default "/etc/traefik/acme.json")
  -c, --cert string                   Location to write out certificate (default "cert.pem")
  -r, --certificate-resolver string   Certificate Resovler name from traefik config (default "acme")
  -d, --debug                         Debug output
      --exit-code                     Exit with exit-code 99 if files updated
      --force                         Force writing to file even if not updated
  -h, --help                          help for traefik-acme
  -k, --key string                    Location to write out key file (default "key.pem")
  -v, --version                       version for traefik-acme

Running from command line, myresolver is the name of the certificate resolver defined in your traefik configuration. Example from the documentation [certificatesResolvers.myresolver.acme] would mean using myresolver as the parameter.

traefik-acme -r myresolver -a /config/acme.json -c /etc/service/cert.pem -k /etc/service/key.pem servicename.domain.com

If you want to use it in a script (for cron)

traefik-acme --exit-code -r mycertresolver -a /config/acme.json -c /etc/service/cert.pem -k /etc/service/key.pem servicename.domain.com
if [ $? == 99 ]; then
    systemctl reload service
fi

Traefik v1

Running from command line.

traefik-acme -a /config/acme.json -c /etc/service/cert.pem -k /etc/service/key.pem servicename.domain.com

If you want to use it in a script (for cron)

traefik-acme --exit-code -a /config/acme.json -c /etc/service/cert.pem -k /etc/service/key.pem servicename.domain.com
if [ $? == 99 ]; then
    systemctl reload service
fi

Docker

docker run --rm \
 -v "/docker/traefik/config/:/input" \
 -v "/docker/myservice/certs:/output" \
 --workdir /output \
 koshatul/traefik-acme:latest --acme "/input/acme.json" domain.example.com

The example expects the acme.json to be in /docker/traefik/config and to write the cert.pem and key.pem to /docker/myservice/certs.

Development

make test

ginkgo ./src/...

Metadata

29
Stars
1
Forks
Watchers

Owner

verified publisher icon koshatul

Metadata

Extract certificates from acme.json created by traefik.

Back