From 4a3b1f384750606c3fe77de3b1e4905aaa81b3ea Mon Sep 17 00:00:00 2001 From: Thomas Fan Date: Thu, 17 May 2018 06:32:03 -0400 Subject: [PATCH] Enable to override certificates in key-value store when using storeconfig --- acme/acme.go | 1 + cmd/storeconfig/storeconfig.go | 31 ++++++++++++++++++------------- docs/configuration/acme.md | 7 +++++++ 3 files changed, 26 insertions(+), 13 deletions(-) diff --git a/acme/acme.go b/acme/acme.go index f85b3177a..db1984f5b 100644 --- a/acme/acme.go +++ b/acme/acme.go @@ -52,6 +52,7 @@ type ACME struct { DNSProvider string `description:"(Deprecated) Activate DNS-01 Challenge"` // Deprecated DelayDontCheckDNS flaeg.Duration `description:"(Deprecated) Assume DNS propagates after a delay in seconds rather than finding and querying nameservers."` // Deprecated ACMELogging bool `description:"Enable debug logging of ACME actions."` + OverrideCertificates bool `description:"Enable to override certificates in key-value store when using storeconfig"` client *acme.Client defaultCertificate *tls.Certificate store cluster.Store diff --git a/cmd/storeconfig/storeconfig.go b/cmd/storeconfig/storeconfig.go index 83fc9048b..0dda148f7 100644 --- a/cmd/storeconfig/storeconfig.go +++ b/cmd/storeconfig/storeconfig.go @@ -85,21 +85,26 @@ func Run(kv *staert.KvSource, traefikConfiguration *cmd.TraefikConfiguration) fu } } - // Store the ACME Account into the KV Store - meta := cluster.NewMetadata(account) - err = meta.Marshall() - if err != nil { - return err - } + // Check to see if ACME account object is already in kv store + if traefikConfiguration.GlobalConfiguration.ACME.OverrideCertificates { - source := staert.KvSource{ - Store: kv, - Prefix: traefikConfiguration.GlobalConfiguration.ACME.Storage, - } + // Store the ACME Account into the KV Store + // Certificates in KV Store will be overridden + meta := cluster.NewMetadata(account) + err = meta.Marshall() + if err != nil { + return err + } - err = source.StoreConfig(meta) - if err != nil { - return err + source := staert.KvSource{ + Store: kv, + Prefix: traefikConfiguration.GlobalConfiguration.ACME.Storage, + } + + err = source.StoreConfig(meta) + if err != nil { + return err + } } // Force to delete storagefile diff --git a/docs/configuration/acme.md b/docs/configuration/acme.md index 092d736d5..6853ce419 100644 --- a/docs/configuration/acme.md +++ b/docs/configuration/acme.md @@ -63,6 +63,13 @@ entryPoint = "https" # # acmeLogging = true +# If true, override certificates in key-value store when using storeconfig. +# +# Optional +# Default: false +# +# overrideCertificates = true + # Enable on demand certificate generation. # # Optional (Deprecated)