Hello,
could somebody help me with the Let’s Encrypt dnsChallenge provider "External Program" (exec)?
What do I have to configure, and in which file?
I tried:
docker-compose
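# Traefik service entry; the paste lost its indentation, restored here.
# Presumably this sits under the top-level `services:` key, which the
# post does not show.
reverse-proxy:
  build:
    context: .
    dockerfile: Dockerfile-traefik
  # Only 80 and 443 are published to the host. The ping entry point (8082)
  # and the API/dashboard port stay inside the Docker networks below.
  ports:
    - "80:80"  # The HTTP port
    - "443:443"  # The HTTPS port
  hostname: traefik
  container_name: traefik
  restart: unless-stopped
  domainname: ${DOMAINNAME}
  environment:
    TZ: ${TZ}
    # Read by the ACME client's `exec` DNS provider: the script is called as
    #   <script> present|cleanup <fqdn> <txt-value>
    # It must exist at this path inside the container and be executable.
    EXEC_PATH: "/etc/traefik/domaintool/update-dns.sh"
  networks:
    - frontend
    - backend
  volumes:
    # NOTE(review): access to the Docker socket is equivalent to root on the
    # host. The static configuration on this page enables only the file
    # provider, so this mount is not needed as posted; drop it, or place a
    # read-only socket proxy in front of it if a Docker provider is added.
    - /var/run/docker.sock:/var/run/docker.sock  # So that Traefik can listen to the Docker events
    # Read-write on purpose: Traefik writes acme.json and the log file here.
    # The same directory holds update-dns.sh, which typically carries DNS API
    # credentials, so restrict host permissions on /etc/compose/etc-traefik.
    - /etc/compose/etc-traefik:/etc/traefik
    - /etc/compose/shared:/shared
    - /etc/localtime:/etc/localtime:ro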
dockerfile: Dockerfile-traefik
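# Traefik image extended with the tools update-dns.sh needs (bash, curl).
# NOTE(review): an untagged `FROM traefik` follows `latest`, so a rebuild can
# silently change the proxy version. Pin it, e.g.
# `FROM traefik:<v2 tag you have tested>`.
FROM traefik
# --no-cache fetches a fresh package index for this install and keeps it
# out of the image layer.
RUN apk add --no-cache bash curl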
traefik.toml
## static configuration
# traefik.toml
# Defines entry points, providers, the API, logging and the ACME resolver.
[global]
checkNewVersion = true
# Sends anonymised usage data to the Traefik maintainers; set to false if
# that is not wanted.
sendAnonymousUsage = true
[serversTransport]
# NOTE(review): turns off TLS certificate verification for every HTTPS
# backend. The only backend on this page is plain http, so this can most
# likely be removed; for backends with a private CA use rootCAs instead.
insecureSkipVerify = true
maxIdleConnsPerHost = 0
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web-secure]
address = ":443"
# Health-check entry point; the compose file does not publish 8082, so it is
# reachable only from the attached Docker networks.
[entryPoints.ping]
address = ":8082"
[providers]
providersThrottleDuration = "2s"
# Routers, services and middlewares come from this file only (no Docker
# provider is configured); watch = true reloads it on change.
[providers.file]
filename = "/etc/traefik/dynamic-conf.toml"
watch = true
[api]
# NOTE(review): insecure = true serves the API and dashboard without
# authentication on the built-in `traefik` entry point (port 8080 by default).
# The compose file does not publish 8080, but every container on the
# frontend/backend networks can reach it. Outside of testing, expose
# api@internal through a router with an auth middleware instead.
insecure = true
dashboard = true
[log]
# DEBUG is useful while troubleshooting the DNS challenge; lower the level
# afterwards, since debug output is verbose and lands on the host bind mount.
level = "DEBUG"
filePath = "/etc/traefik/log/log-file.log"
format = "json"
[ping]
entryPoint = "ping"
[certificatesResolvers]
# Resolver named "default"; routers refer to it by this name.
[certificatesResolvers.default]
[certificatesResolvers.default.acme]
email = "foo@bar.com"
# acme.json stores the ACME account key and the certificates' private keys.
# Keep it at mode 600; Traefik refuses a file with wider permissions.
# While testing, caServer can be pointed at the Let's Encrypt staging
# directory to stay clear of production rate limits.
storage = "/etc/traefik/acme/acme.json"
[certificatesResolvers.default.acme.dnsChallenge]
# "exec" runs the external program named by the EXEC_PATH environment
# variable (set in the compose file) to create and remove the TXT record.
provider = "exec"
# Wait this long after the script returns before checking propagation.
delayBeforeCheck = "600s"
dynamic-conf.toml
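## dynamic configuration
# dynamic-conf.toml
# Loaded by the file provider: routers, services and middlewares for the wiki.
[http.routers]
# Plain-HTTP router: exists only to redirect to HTTPS.
[http.routers.router-wiki-unsecure]
rule = "Host(`wiki.foo.bar`)"
service = "wiki"
entrypoints = ["web"]
middlewares = ["redirect-https"]
# HTTPS router for the wiki.
[http.routers.router-wiki]
entrypoints = ["web-secure"]
service = "wiki"
rule = "Host(`wiki.foo.bar`)"
[http.routers.router-wiki.tls]
# Without certResolver the router terminates TLS with Traefik's default
# certificate and never asks the ACME resolver for one. The name must match
# [certificatesResolvers.default] in traefik.toml.
certResolver = "default"
# A wildcard name can only be validated with the DNS-01 challenge.
[[http.routers.router-wiki.tls.domains]]
main = "*.foo.bar"
[http.services]
[http.services.wiki.loadBalancer]
passHostHeader = true
# The backend is reached over plain HTTP; traffic between Traefik and this
# host is unencrypted, so keep it on a trusted network segment.
[[http.services.wiki.loadBalancer.servers]]
url = "http://192.168.203.209:8090"
[http.middlewares]
[http.middlewares.redirect-https.redirectScheme]
scheme = "https"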
update-dns.sh is a small, dirty bash script that sets the TXT record on my hoster's domain service.
Thanks
Jan