61 lines
1.4 KiB
YAML
61 lines
1.4 KiB
YAML
---
|
|
|
|
# The name of the Nomad job
|
|
instance: acme-to-vault
|
|
|
|
acme:
|
|
# The Docker image to use
|
|
image: '[[ .docker.repo ]]acme-to-vault:23.12-1'
|
|
|
|
# If a cron expression is defined, the service will stay running and renew certs.
|
|
# If an empty string, the container will exit after running once
|
|
cron: 22 0 * * *
|
|
|
|
# Resource allocation
|
|
resources:
|
|
cpu: 10
|
|
memory: 128
|
|
|
|
# Vault related settings
|
|
vault:
|
|
addr: http://localhost:8200
|
|
|
|
# The root in the KV store where the ACME account key and metadata will be stored
|
|
kv_account_root: kv/service/acme-to-vault/account
|
|
|
|
# Additional env
|
|
env:
|
|
LEGO_DISABLE_CNAME_SUPPORT: true
|
|
|
|
traefik:
|
|
# List of entrypoints where the http-01 challenges will be exposed
|
|
entrypoints:
|
|
- http
|
|
- https
|
|
middlewares:
|
|
- compression@file
|
|
tls: False
|
|
priority: 2000
|
|
|
|
accounts: []
|
|
# accounts:
|
|
# - ca: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
# email: infra@lapiole.org
|
|
# kv_cert_root: kv/service/traefik/certs
|
|
# key_type: rsa4096
|
|
# certs:
|
|
# - test.lapiole.org,foobar.lapiole.org
|
|
# - audio.lapiole.org
|
|
# - rpms.lapiole.org
|
|
# - ca: https://acme-v02.api.letsencrypt.org/directory
|
|
# challenge: dns-01
|
|
# dns_provider: gandiv5
|
|
# dns_resolvers:
|
|
# - 1.1.1.1
|
|
# - 8.8.8.8
|
|
# dns_key_env: GANDIV5_API_KEY
|
|
# dns_key_value: XXXXXXX
|
|
# kv_cert_root: kv/service/postgres/ssl
|
|
# certs:
|
|
# - postgres.example.org
|