ACME
Call it The GCDLADB if you like.
Traefik and Acme.sh for DG-STAGING 6 min read Sep 15, 2020 | Updated: Sep 28, 2020 15:15
This post is a follow-up to Dockerized Traefik Host Using ACME DNS-01 Challenge and Staging ISLE Installation: Migrate Existing Islandora Site - with Annotations, specifically Step 11 in the later document. It introduces a Digital.Grinnell-specific implementation of the Traefik with Acme.sh. Testing with McFateM/docker-traefik2-acme-host I started work on this implementation with a test, by cloning https://github.com/McFateM/docker-traefik2-acme-host and proceeding as directed in the repository’s README.md document, as user islandora on node DGDockerX, like so: DGDockerX Host Commands cd ~ git clone https://github. ...
Host Config: docker-traefik2-acme-host 1 min read Jun 10, 2020
This post is celebrating the completion (really, is anything ever complete?) of a new server/host/stack deployment project: docker-traefik2-acme-host. In order to make this post really easy to read, I’m going to wrap it up in one bullet… README.md Troubleshooting Should you ever encounter an error like the one below, be sure to ask your IT provider if they created the proper CNAME record when creating your DNS entry. [Tue Jun 30 20:53:50 UTC 2020] ohscribe.grinnell.edu:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge. ...
Traefik and Acme.sh Instead of DNS-01 13 min read Jun 2, 2020
This post is a follow-up to Dockerized Traefik Host Using ACME DNS-01 Challenge. It introduces an alternative to the failed process that was proposed in that earlier post. Note that the following config-specific elements have been replaced below: 6 occurances of ?.grinnell.edu now say example-1.grinnell.edu, and 2 occurances of ?.info now say example-2.info. New Proposal On June 1 my colleage, Matt, suggested the following… As much as I would like to resolve the DNS-01 challenge using Traefik alone, I don’t believe it will support what we’re trying to do here. ...
Simplified Testing of Traefik 2 with ACME DNS-01 Challenge 3 min read May 19, 2020
This post is a simplified and focused follow-up to Dockerized Traefik Host Using ACME DNS-01 Challenge. Simplify Today, 19-May-2020, I’m going to take a shot at simplifying my testing on dgdocker3.grinnell.edu by removing unnecessary things and consolidating as much as possible to reduce clutter in the logs and get right to the point. I’m also going to have a look to see if there are additional logs that can tell give me more detail. Everything used here, and everything that takes place here, will be found in a new directory, /opt/containers/test on DGDocker3. ...
Dockerized Traefik Host Using ACME DNS-01 Challenge 11 min read Apr 27, 2020
This post builds on My dockerized-server Config and attempts to change what was a problematic ACME HTTP-01 or httpChallenge in Traefik and Let’s Encrypt to an ACME DNS-01 or dnsChallenge. The problem with the old HTTP-01 or httpChallenge is that it requires the creation of a valid and widely accessible “A” record in our DNS before the creation of a cert; the record has to be in place so that the Let’s Encrypt CA-server can find it to confirm that the request is valid. ...