append selfsigned cert creation

2024-01-16 23:36:22 +01:00
parent cd63ad4a55
commit 938009c86d
3 changed files with 8 additions and 11 deletions
--- a/2
+++ b/2
@@ -6,6 +6,8 @@ mkdir tls-data

 docker network create $TRAEFIK_NETWORK

+sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./tls-data/selfsigned.key -out ./tls-data/selfsigned.crt
+
 docker compose up -d
 docker compose -f docker-compose-whoami.yml up -d

--- a/tls.yml
+++ b/tls.yml
@@ -12,18 +12,16 @@ tls:
  stores:
    default:
      defaultCertificate:
-        certFile: /tls/CF-altogether.at.crt
-        keyFile: /tls/CF-altogether.at.key 
+        certFile: /tls/selfsigned.crt
+        keyFile: /tls/selfsigned.key 
  certificates:
-    - certFile: /tls/CF-altogether.at.crt
-      keyFile: /tls/CF-altogether.at.key
+    - certFile: /tls/selfsigned.crt
+      keyFile: /tls/selfsigned.key
      
-    - certFile: /tls/wordpress.localhost.crt
-      keyFile: /tls/wordpress.localhost.key
  options:
    default:
      clientAuth:
        # in PEM format. each file can contain multiple CAs.
        caFiles:
-          - /tls/server.crt
+          - /tls/selfsigned.crt
        clientAuthType: VerifyClientCertIfGiven
--- a/traefik.yml
+++ b/traefik.yml
@@ -35,9 +35,6 @@ providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
-  #  endpoint: "tcp://dockerproxy:2375"
-  #  swarmMode: false
-  #  network: "socket_proxy"
  file:
    watch: true
    directory: "/etc/traefik/dynamic_conf"
@@ -45,6 +42,6 @@ providers:
 certificatesresolvers:
  le:
    acme:
-      email: "raphy.martin@protonmail.ch"
+      email: "rama@altogether.at"
      storage: "/certificates/acme.json"
      tlschallenge: true