maska/traefik-certs-dumper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: maska:v2.9.0
Branches Tags
maska:main
maska:master
maska:experimental/multi-arch
maska:v2.10.0
maska:v2.9.3
maska:v2.9.2
maska:v2.9.1
maska:v2.9.0
maska:v2.8.3
maska:v2.8.2
maska:v2.8.1
maska:v2.8.0
maska:v2.7.4
maska:v2.7.3
maska:v2.7.2
maska:v2.7.1
maska:v2.7.0
maska:v2.6.0
maska:v2.5.7
maska:v2.5.6
maska:v2.5.5
maska:v2.5.4
maska:v2.5.3
maska:v2.5.0
maska:v2.4.2
maska:v2.4.1
maska:v2.4.0
maska:v2.3.4
maska:v2.3.3
maska:v2.3.2
maska:v2.3.1
maska:v2.3.0
maska:v2.2.3
maska:v2.2.2
maska:v2.2.1
maska:v2.2.0
maska:v2.1.0
maska:v2.0.0
maska:v1.5.0
maska:v1.4.1
maska:v1.4.0
maska:v1.3.0
maska:v1.2.0
maska:v1.1.0
maska:v1.0.0
...
compare: maska:main
Branches Tags
maska:main
maska:master
maska:experimental/multi-arch
maska:v2.10.0
maska:v2.9.3
maska:v2.9.2
maska:v2.9.1
maska:v2.9.0
maska:v2.8.3
maska:v2.8.2
maska:v2.8.1
maska:v2.8.0
maska:v2.7.4
maska:v2.7.3
maska:v2.7.2
maska:v2.7.1
maska:v2.7.0
maska:v2.6.0
maska:v2.5.7
maska:v2.5.6
maska:v2.5.5
maska:v2.5.4
maska:v2.5.3
maska:v2.5.0
maska:v2.4.2
maska:v2.4.1
maska:v2.4.0
maska:v2.3.4
maska:v2.3.3
maska:v2.3.2
maska:v2.3.1
maska:v2.3.0
maska:v2.2.3
maska:v2.2.2
maska:v2.2.1
maska:v2.2.0
maska:v2.1.0
maska:v2.0.0
maska:v1.5.0
maska:v1.4.1
maska:v1.4.0
maska:v1.3.0
maska:v1.2.0
maska:v1.1.0
maska:v1.0.0

30 Commits
v2.9.0 ... main

Author SHA1 Message Date
dependabot[bot]
0d8d35889d
chore: bump github.com/go-acme/lego/v4 from 4.22.2 to 4.25.2 (#224) 2025-08-06 21:55:29 +02:00
vgdh
ef2b9f9e1b
docs: disable network access inside examples (#223) 2025-07-06 22:27:30 +02:00
dependabot[bot]
d83e436bbb
chore: bump golang.org/x/net from 0.37.0 to 0.38.0 (#219) 2025-04-17 01:46:09 +02:00
Fernandez Ludovic
00ebf584ff chore: update linter 2025-03-25 03:34:46 +01:00
Fernandez Ludovic
38dd4b1898 chore: update linter 2025-03-09 19:36:21 +01:00
Fernandez Ludovic
ece40e90d6 chore: update dependencies 2025-03-09 19:35:45 +01:00
Fernandez Ludovic
5e2a080d2a chore: publish Docker images in GHCR 2025-03-09 19:32:33 +01:00
Fernandez Ludovic
07decbb976 chore: restrict workflows 2025-03-09 19:32:33 +01:00
Fernandez Ludovic
9a7fa88d60 docs: update readme 2025-02-21 22:35:42 +01:00
Fernandez Ludovic
a32520bcba docs: update examples 2025-02-21 22:34:35 +01:00
Fernandez Ludovic
39b542952b docs: update documentation 2025-02-21 22:30:27 +01:00
Fernandez Ludovic
b0aafdcc54 docs: improve readme 2025-02-13 03:04:45 +01:00
Fernandez Ludovic
565e4316ca chore: linting 2025-02-13 03:03:12 +01:00
Fernandez Ludovic
961192eb9b chore: update dependencies and Go version 2025-02-13 03:00:13 +01:00
Fernandez Ludovic
1bd1c094f2 chore: update linter 2025-02-13 02:53:42 +01:00
Fernandez Ludovic
380fa0efda chore: update linter 2025-02-13 02:51:32 +01:00
Ludovic Fernandez
059bfd27eb
chore: update donation URL 2025-01-24 22:38:24 +01:00
Fernandez Ludovic
45954b02ca chore: update funding 2025-01-06 20:17:49 +01:00
dependabot[bot]
e1b924f614
chore: bump golang.org/x/crypto from 0.28.0 to 0.31.0 (#212) 2024-12-12 02:10:59 +01:00
Blackmoon
865dceddf9
docs: adds all counts to one sum (#211) 2024-12-06 13:12:30 +00:00
Fernandez Ludovic
172bd870c6 feat: improve binary size 2024-12-05 14:58:48 +01:00
Fernandez Ludovic
ee3231c879 docs: fix examples 2024-12-05 14:51:38 +01:00
Fernandez Ludovic
d18ae5e249 fix: Docker image 2024-12-05 13:29:27 +01:00
Fernandez Ludovic
48166b4990 chore: update dependencies, and linter 2024-12-04 22:43:30 +01:00
Fernandez Ludovic
ec006d3466 chore: use goreleaser to publish Docker images 2024-12-04 22:43:30 +01:00
Fernandez Ludovic
754051fcb4 chore: help popup 2024-12-04 22:43:30 +01:00
Fernandez Ludovic
a4f74712d8 chore: update workflow 2024-12-02 22:19:30 +01:00
dependabot[bot]
4f9ee0b2aa
chore: bump github.com/traefik/traefik/v3 from 3.2.0 to 3.2.1 (#208) 2024-12-02 18:56:52 +01:00
dependabot[bot]
06a6f04be9
chore: bump github.com/traefik/traefik/v2 from 2.11.13 to 2.11.14 (#207) 2024-12-02 17:36:13 +00:00
Fernandez Ludovic
094a429688 fix: release workflow 2024-11-08 20:20:01 +01:00
39 changed files with 1024 additions and 1350 deletions
Show Stats Expand all files Collapse all files

1
.github/FUNDING.yml vendored
View File

@ -1,3 +1,4 @@
github: ldez github: ldez
ko_fi: ldez_oss ko_fi: ldez_oss
liberapay: ldez liberapay: ldez
thanks_dev: u/gh/ldez

4
.github/workflows/go-cross.yml vendored
View File

@ -3,8 +3,10 @@ name: Go Matrix
on: on:
push: push:
branches: branches:
- master - main
pull_request: pull_request:
branches:
- main
jobs: jobs:

9
.github/workflows/main.yml vendored
View File

@ -3,8 +3,10 @@ name: Main
on: on:
push: push:
branches: branches:
- master - main
pull_request: pull_request:
branches:
- main
jobs: jobs:
@ -13,8 +15,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env: env:
GO_VERSION: stable GO_VERSION: stable
GOLANGCI_LINT_VERSION: v1.61.0 GOLANGCI_LINT_VERSION: v2.0.1
SEIHON_VERSION: v0.9.0
CGO_ENABLED: 0 CGO_ENABLED: 0
steps: steps:
@ -33,7 +34,7 @@ jobs:
# https://golangci-lint.run/usage/install#other-ci # https://golangci-lint.run/usage/install#other-ci
- name: Install golangci-lint ${{ env.GOLANGCI_LINT_VERSION }} - name: Install golangci-lint ${{ env.GOLANGCI_LINT_VERSION }}
run: | run: |
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION} curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/HEAD/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION}
golangci-lint --version golangci-lint --version
- name: Make - name: Make

38
.github/workflows/release.yml vendored
View File

@ -10,7 +10,6 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env: env:
GO_VERSION: stable GO_VERSION: stable
SEIHON_VERSION: v0.9.0
CGO_ENABLED: 0 CGO_ENABLED: 0
steps: steps:
@ -43,28 +42,29 @@ jobs:
with: with:
go-version: ${{ env.GO_VERSION }} go-version: ${{ env.GO_VERSION }}
- name: Make - name: dockerhub-login
run: make build uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: ghcr-login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Run GoReleaser - name: Run GoReleaser
uses: goreleaser/goreleaser-action@v5 uses: goreleaser/goreleaser-action@v6
with: with:
version: latest version: latest
args: release -p 1 --clean --timeout=90m args: release -p 1 --clean --timeout=90m
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install seihon ${{ env.SEIHON_VERSION }}
run: |
curl -sSfL https://raw.githubusercontent.com/ldez/seihon/master/godownloader.sh | sh -s -- -b $(go env GOPATH)/bin ${SEIHON_VERSION}
seihon --version
- name: Docker Login
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
run: |
echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin
- name: Deploy Docker Images (seihon)
run: make publish-images

187
.golangci.yml
View File

@ -1,107 +1,108 @@
run: version: "2"
timeout: 5m
linters-settings: formatters:
govet: enable:
enable-all: true - gci
disable: - gofumpt
- fieldalignment settings:
gocyclo: gofumpt:
min-complexity: 12 extra-rules: true
goconst:
min-len: 3
min-occurrences: 3
misspell:
locale: US
gofumpt:
extra-rules: true
depguard:
rules:
main:
deny:
- pkg: "github.com/instana/testify"
desc: not allowed
- pkg: "github.com/pkg/errors"
desc: Should be replaced by standard lib errors package
funlen:
lines: -1
statements: 40
godox:
keywords:
- FIXME
gocritic:
enabled-tags:
- diagnostic
- style
- performance
disabled-checks:
- sloppyReassign
- rangeValCopy
- octalLiteral
- paramTypeCombine # already handle by gofumpt.extra-rules
settings:
hugeParam:
sizeThreshold: 100
forbidigo:
forbid:
- '^print(ln)?$'
- '^spew\.Print(f|ln)?$'
- '^spew\.Dump$'
gomoddirectives:
replace-allow-list:
- github.com/abbot/go-http-auth
- github.com/go-check/check
- github.com/gorilla/mux
- github.com/mailgun/minheap
- github.com/mailgun/multibuf
- github.com/jaguilar/vt100
gosec:
excludes:
- G204 # Subprocess launched with a potential tainted input or cmd arguments
- G301 # Expect directory permissions to be 0750 or less
- G306 # Expect WriteFile permissions to be 0600 or less
linters: linters:
enable-all: true default: all
disable: disable:
- gomnd # deprecated
- execinquery # deprecated
- exportloopref # deprecated
- sqlclosecheck # not relevant (SQL)
- rowserrcheck # not relevant (SQL)
- cyclop # duplicate of gocyclo - cyclop # duplicate of gocyclo
- lll
- dupl - dupl
- prealloc
- wsl
- nlreturn
- mnd
- testpackage
- paralleltest
- tparallel
- err113 - err113
- wrapcheck
- exhaustive - exhaustive
- exhaustruct - exhaustruct
- varnamelen - lll
- mnd
- nilnil - nilnil
- nlreturn
- paralleltest
- prealloc
- rowserrcheck # not relevant (SQL)
- sqlclosecheck # not relevant (SQL)
- testpackage
- tparallel
- varnamelen
- wrapcheck
- wsl
settings:
depguard:
rules:
main:
deny:
- pkg: github.com/instana/testify
desc: not allowed
- pkg: github.com/pkg/errors
desc: Should be replaced by standard lib errors package
forbidigo:
forbid:
- pattern: ^print(ln)?$
- pattern: ^spew\.Print(f|ln)?$
- pattern: ^spew\.Dump$
funlen:
lines: -1
statements: 40
goconst:
min-len: 3
min-occurrences: 3
gocritic:
disabled-checks:
- sloppyReassign
- rangeValCopy
- octalLiteral
- paramTypeCombine # already handle by gofumpt.extra-rules
enabled-tags:
- diagnostic
- style
- performance
settings:
hugeParam:
sizeThreshold: 100
gocyclo:
min-complexity: 12
godox:
keywords:
- FIXME
gomoddirectives:
replace-allow-list:
- github.com/abbot/go-http-auth
- github.com/go-check/check
- github.com/gorilla/mux
- github.com/mailgun/minheap
- github.com/mailgun/multibuf
- github.com/jaguilar/vt100
gosec:
excludes:
- G204 # Subprocess launched with a potential tainted input or cmd arguments
- G301 # Expect directory permissions to be 0750 or less
- G306 # Expect WriteFile permissions to be 0600 or less
govet:
disable:
- fieldalignment
enable-all: true
misspell:
locale: US
exclusions:
presets:
- comments
rules:
- linters:
- gochecknoglobals
- gochecknoinits
path: cmd/
- linters:
- tagalign
path: internal/traefikv[1-3]/
- path: (.+)\.go$
text: 'ST1000: at least one file in a package should have a package comment'
- path: (.+)\.go$
text: 'package-comments: should have a package comment'
issues: issues:
exclude-use-default: false
max-issues-per-linter: 0 max-issues-per-linter: 0
max-same-issues: 0 max-same-issues: 0
exclude:
- 'ST1000: at least one file in a package should have a package comment'
- 'package-comments: should have a package comment'
exclude-rules:
- path: cmd/
linters:
- gochecknoglobals
- gochecknoinits
output:
show-stats: true
sort-results: true
sort-order:
- linter
- file

179
.goreleaser.yml
View File

@ -6,7 +6,7 @@ builds:
ldflags: ldflags:
- -s -w -X github.com/ldez/traefik-certs-dumper/cmd.version={{.Version}} -X github.com/ldez/traefik-certs-dumper/cmd.commit={{.ShortCommit}} -X github.com/ldez/traefik-certs-dumper/cmd.date={{.Date}} - -s -w -X github.com/ldez/traefik-certs-dumper/cmd.version={{.Version}} -X github.com/ldez/traefik-certs-dumper/cmd.commit={{.ShortCommit}} -X github.com/ldez/traefik-certs-dumper/cmd.date={{.Date}}
env: env:
- GO111MODULE=on - CGO_ENABLED=0
goos: goos:
- linux - linux
- darwin - darwin
@ -41,9 +41,182 @@ changelog:
archives: archives:
- id: tcd - id: tcd
name_template: '{{ .ProjectName }}_v{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}' name_template: '{{ .ProjectName }}_v{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
format: tar.gz formats: [ 'tar.gz' ]
format_overrides: format_overrides:
- goos: windows - goos: windows
format: zip formats: [ 'zip' ]
files: files:
- LICENSE - LICENSE
docker_manifests:
- name_template: 'ldez/traefik-certs-dumper:{{ .Tag }}'
image_templates:
- 'ldez/traefik-certs-dumper:{{ .Tag }}-amd64'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-arm64'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-armv7'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-armv6'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-386'
- name_template: 'ldez/traefik-certs-dumper:latest'
image_templates:
- 'ldez/traefik-certs-dumper:{{ .Tag }}-amd64'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-arm64'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-armv7'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-armv6'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-386'
- name_template: 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}'
image_templates:
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-amd64'
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-arm64'
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv7'
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv6'
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-386'
- name_template: 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}'
image_templates:
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-amd64'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-arm64'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-armv7'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-armv6'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-386'
- name_template: 'ghcr.io/ldez/traefik-certs-dumper:latest'
image_templates:
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-amd64'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-arm64'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-armv7'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-armv6'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-386'
- name_template: 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}'
image_templates:
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-amd64'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-arm64'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv7'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv6'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-386'
dockers:
- use: buildx
goos: linux
goarch: amd64
dockerfile: buildx.Dockerfile
image_templates:
- 'ldez/traefik-certs-dumper:latest-amd64'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-amd64'
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-amd64'
- 'ghcr.io/ldez/traefik-certs-dumper:latest-amd64'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-amd64'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-amd64'
build_flag_templates:
- '--pull'
# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
- '--label=org.opencontainers.image.title={{.ProjectName}}'
- '--label=org.opencontainers.image.description=Dump ACME data from Traefik to certificates'
- '--label=org.opencontainers.image.source={{.GitURL}}'
- '--label=org.opencontainers.image.url={{.GitURL}}'
- '--label=org.opencontainers.image.documentation=https://github.com/ldez/traefik-certs-dumper'
- '--label=org.opencontainers.image.created={{.Date}}'
- '--label=org.opencontainers.image.revision={{.FullCommit}}'
- '--label=org.opencontainers.image.version={{.Version}}'
- '--platform=linux/amd64'
- use: buildx
goos: linux
goarch: arm64
dockerfile: buildx.Dockerfile
image_templates:
- 'ldez/traefik-certs-dumper:latest-arm64'
- 'ldez/traefik-certs-dumper:latest-arm.v8' # only for compatibility with Seihon
- 'ldez/traefik-certs-dumper:{{ .Tag }}-arm64'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-arm.v8' # only for compatibility with Seihon
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-arm64'
- 'ghcr.io/ldez/traefik-certs-dumper:latest-arm64'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-arm64'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-arm64'
build_flag_templates:
- '--pull'
# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
- '--label=org.opencontainers.image.title={{.ProjectName}}'
- '--label=org.opencontainers.image.description=Dump ACME data from Traefik to certificates'
- '--label=org.opencontainers.image.source={{.GitURL}}'
- '--label=org.opencontainers.image.url={{.GitURL}}'
- '--label=org.opencontainers.image.documentation=https://github.com/ldez/traefik-certs-dumper'
- '--label=org.opencontainers.image.created={{.Date}}'
- '--label=org.opencontainers.image.revision={{.FullCommit}}'
- '--label=org.opencontainers.image.version={{.Version}}'
- '--platform=linux/arm64'
- use: buildx
goos: linux
goarch: arm
goarm: '7'
dockerfile: buildx.Dockerfile
image_templates:
- 'ldez/traefik-certs-dumper:latest-armv7'
- 'ldez/traefik-certs-dumper:latest-arm.v7' # only for compatibility with Seihon
- 'ldez/traefik-certs-dumper:{{ .Tag }}-armv7'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-arm.v7' # only for compatibility with Seihon
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv7'
- 'ghcr.io/ldez/traefik-certs-dumper:latest-armv7'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-armv7'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv7'
build_flag_templates:
- '--pull'
# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
- '--label=org.opencontainers.image.title={{.ProjectName}}'
- '--label=org.opencontainers.image.description=Dump ACME data from Traefik to certificates'
- '--label=org.opencontainers.image.source={{.GitURL}}'
- '--label=org.opencontainers.image.url={{.GitURL}}'
- '--label=org.opencontainers.image.documentation=https://github.com/ldez/traefik-certs-dumper'
- '--label=org.opencontainers.image.created={{.Date}}'
- '--label=org.opencontainers.image.revision={{.FullCommit}}'
- '--label=org.opencontainers.image.version={{.Version}}'
- '--platform=linux/arm/v7'
- use: buildx
goos: linux
goarch: arm
goarm: '6'
dockerfile: buildx.Dockerfile
image_templates:
- 'ldez/traefik-certs-dumper:latest-armv6'
- 'ldez/traefik-certs-dumper:latest-arm.v6' # only for compatibility with Seihon
- 'ldez/traefik-certs-dumper:{{ .Tag }}-armv6'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-arm.v6' # only for compatibility with Seihon
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv6'
- 'ghcr.io/ldez/traefik-certs-dumper:latest-armv6'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-armv6'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-armv6'
build_flag_templates:
- '--pull'
# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
- '--label=org.opencontainers.image.title={{.ProjectName}}'
- '--label=org.opencontainers.image.description=Dump ACME data from Traefik to certificates'
- '--label=org.opencontainers.image.source={{.GitURL}}'
- '--label=org.opencontainers.image.url={{.GitURL}}'
- '--label=org.opencontainers.image.documentation=https://github.com/ldez/traefik-certs-dumper'
- '--label=org.opencontainers.image.created={{.Date}}'
- '--label=org.opencontainers.image.revision={{.FullCommit}}'
- '--label=org.opencontainers.image.version={{.Version}}'
- '--platform=linux/arm/v6'
- use: buildx
goos: linux
goarch: '386'
dockerfile: buildx.Dockerfile
image_templates:
- 'ldez/traefik-certs-dumper:latest-386'
- 'ldez/traefik-certs-dumper:{{ .Tag }}-386'
- 'ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-386'
- 'ghcr.io/ldez/traefik-certs-dumper:latest-386'
- 'ghcr.io/ldez/traefik-certs-dumper:{{ .Tag }}-386'
- 'ghcr.io/ldez/traefik-certs-dumper:v{{ .Major }}.{{ .Minor }}-386'
build_flag_templates:
- '--pull'
# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
- '--label=org.opencontainers.image.title={{.ProjectName}}'
- '--label=org.opencontainers.image.description=Dump ACME data from Traefik to certificates'
- '--label=org.opencontainers.image.source={{.GitURL}}'
- '--label=org.opencontainers.image.url={{.GitURL}}'
- '--label=org.opencontainers.image.documentation=https://github.com/ldez/traefik-certs-dumper'
- '--label=org.opencontainers.image.created={{.Date}}'
- '--label=org.opencontainers.image.revision={{.FullCommit}}'
- '--label=org.opencontainers.image.version={{.Version}}'
- '--platform=linux/386'

3
Makefile
View File

@ -25,6 +25,3 @@ checks:
doc: doc:
go run . doc go run . doc
publish-images:
seihon publish -v "$(TAG_NAME)" -v "latest" --image-name ldez/traefik-certs-dumper --dry-run=false

9
buildx.Dockerfile Normal file
View File

@ -0,0 +1,9 @@
# syntax=docker/dockerfile:1.4
FROM alpine:3
RUN apk --no-cache --no-progress add git ca-certificates tzdata jq \
&& rm -rf /var/cache/apk/*
COPY traefik-certs-dumper /usr/bin/traefik-certs-dumper
ENTRYPOINT ["/usr/bin/traefik-certs-dumper"]

38
cmd/root.go
View File

@ -1,12 +1,16 @@
package cmd package cmd
import ( import (
"crypto/rand"
"fmt" "fmt"
"log" "log"
"math/big"
"os" "os"
"path/filepath" "path/filepath"
"strconv" "strconv"
"time"
"github.com/charmbracelet/lipgloss"
"github.com/ldez/traefik-certs-dumper/v2/dumper" "github.com/ldez/traefik-certs-dumper/v2/dumper"
"github.com/mitchellh/go-homedir" "github.com/mitchellh/go-homedir"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -34,6 +38,7 @@ var rootCmd = &cobra.Command{
return fmt.Errorf("--crt-ext (%q) and --key-ext (%q) are identical, in this case --domain-subdir is required", crtExt, keyExt) return fmt.Errorf("--crt-ext (%q) and --key-ext (%q) are identical, in this case --domain-subdir is required", crtExt, keyExt)
} }
} }
return nil return nil
}, },
} }
@ -45,6 +50,8 @@ func Execute() {
log.Println(err) log.Println(err)
os.Exit(1) os.Exit(1)
} }
help()
} }
func init() { func init() {
@ -177,3 +184,34 @@ func getBaseConfig(cmd *cobra.Command) (*dumper.BaseConfig, error) {
Hook: cmd.Flag("post-hook").Value.String(), Hook: cmd.Flag("post-hook").Value.String(),
}, nil }, nil
} }
func help() {
var maxInt int64 = 2 // -> 50%
if time.Now().Month() == time.December {
maxInt = 1 // -> 100%
}
n, _ := rand.Int(rand.Reader, big.NewInt(maxInt))
if n.Cmp(big.NewInt(0)) != 0 {
return
}
log.SetFlags(0)
pStyle := lipgloss.NewStyle().
Padding(1).
BorderStyle(lipgloss.RoundedBorder()).
BorderForeground(lipgloss.Color("161")).
Align(lipgloss.Center)
hStyle := lipgloss.NewStyle().Bold(true)
s := fmt.Sprintln(hStyle.Render("Request for Donation."))
s += `
I need your help!
Donations fund the maintenance and development of traefik-certs-dumper.
Click on this link to donate: https://donate.ldez.dev`
log.Println(pStyle.Render(s))
log.SetFlags(log.LstdFlags | log.Lshortfile)
}

8
docs/docker-compose-traefik-v1.yml
View File

@ -1,5 +1,3 @@
version: '3.7'
services: services:
traefik: traefik:
image: traefik:v1.7 image: traefik:v1.7
@ -25,10 +23,9 @@ services:
- ./letsencrypt:/letsencrypt - ./letsencrypt:/letsencrypt
traefik-certs-dumper: traefik-certs-dumper:
image: ldez/traefik-certs-dumper:v2.8.1 image: ldez/traefik-certs-dumper:v2.9.3
entrypoint: sh -c ' entrypoint: sh -c '
apk add jq while ! [ -e /data/acme.json ]
; while ! [ -e /data/acme.json ]
|| ! [ `jq ".Certificates | length" /data/acme.json` != 0 ]; do || ! [ `jq ".Certificates | length" /data/acme.json` != 0 ]; do
sleep 1 sleep 1
; done ; done
@ -36,6 +33,7 @@ services:
--source /data/acme.json --dest /data/certs' --source /data/acme.json --dest /data/certs'
volumes: volumes:
- ./letsencrypt:/data - ./letsencrypt:/data
network_mode: "none"
whoami: whoami:
image: traefik/whoami:v1.8.1 image: traefik/whoami:v1.8.1

12
docs/docker-compose-traefik-v2.yml
View File

@ -1,5 +1,3 @@
version: '3.9'
services: services:
traefik: traefik:
@ -25,18 +23,18 @@ services:
- ./letsencrypt/:/letsencrypt - ./letsencrypt/:/letsencrypt
traefik-certs-dumper: traefik-certs-dumper:
image: ldez/traefik-certs-dumper:v2.8.3 image: ldez/traefik-certs-dumper:v2.9.3
entrypoint: sh -c ' entrypoint: sh -c '
apk add jq while ! [ -e /data/acme.json ]
; while ! [ -e /data/acme.json ] || ! [ `jq ".[] | .Certificates | length" /data/acme.json | jq -s "add" ` != 0 ]; do
|| ! [ `jq ".[] | .Certificates | length" /data/acme.json` != 0 ]; do
sleep 1 sleep 1
; done ; done
&& traefik-certs-dumper file --version v2 --watch && traefik-certs-dumper file --version v2 --watch
--source /data/acme.json --dest /data/certs' --source /data/acme.json --dest /data/certs'
volumes: volumes:
- ./letsencrypt:/data - ./letsencrypt:/data
network_mode: "none"
whoami: whoami:
image: traefik/whoami:v1.8.1 image: traefik/whoami:v1.8.1
labels: labels:

3
docs/traefik-certs-dumper.md
View File

@ -24,8 +24,9 @@ Dump Let's Encrypt certificates from Traefik.
### SEE ALSO ### SEE ALSO
* [traefik-certs-dumper completion](traefik-certs-dumper_completion.md) - Generate the autocompletion script for the specified shell
* [traefik-certs-dumper file](traefik-certs-dumper_file.md) - Dump the content of the "acme.json" file. * [traefik-certs-dumper file](traefik-certs-dumper_file.md) - Dump the content of the "acme.json" file.
* [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store. * [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store.
* [traefik-certs-dumper version](traefik-certs-dumper_version.md) - Display version * [traefik-certs-dumper version](traefik-certs-dumper_version.md) - Display version
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

40
docs/traefik-certs-dumper_completion.md Normal file
View File

@ -0,0 +1,40 @@
## traefik-certs-dumper completion
Generate the autocompletion script for the specified shell
### Synopsis
Generate the autocompletion script for traefik-certs-dumper for the specified shell.
See each sub-command's help for details on how to use the generated script.
### Options
```
-h, --help help for completion
```
### Options inherited from parent commands
```
--clean Clean destination folder before dumping content. (default true)
--config string config file (default is $HOME/.traefik-certs-dumper.yaml)
--crt-ext string The file extension of the generated certificates. (default ".crt")
--crt-name string The file name (without extension) of the generated certificates. (default "certificate")
--dest string Path to store the dump content. (default "./dump")
--domain-subdir Use domain as sub-directory.
--key-ext string The file extension of the generated private keys. (default ".key")
--key-name string The file name (without extension) of the generated private keys. (default "privatekey")
--post-hook string Execute a command only if changes occurs on the data source. (works only with the watch mode)
--watch Enable watching changes.
```
### SEE ALSO
* [traefik-certs-dumper](traefik-certs-dumper.md) - Dump Let's Encrypt certificates from Traefik.
* [traefik-certs-dumper completion bash](traefik-certs-dumper_completion_bash.md) - Generate the autocompletion script for bash
* [traefik-certs-dumper completion fish](traefik-certs-dumper_completion_fish.md) - Generate the autocompletion script for fish
* [traefik-certs-dumper completion powershell](traefik-certs-dumper_completion_powershell.md) - Generate the autocompletion script for powershell
* [traefik-certs-dumper completion zsh](traefik-certs-dumper_completion_zsh.md) - Generate the autocompletion script for zsh
###### Auto generated by spf13/cobra on 21-Feb-2025

59
docs/traefik-certs-dumper_completion_bash.md Normal file
View File

@ -0,0 +1,59 @@
## traefik-certs-dumper completion bash
Generate the autocompletion script for bash
### Synopsis
Generate the autocompletion script for the bash shell.
This script depends on the 'bash-completion' package.
If it is not installed already, you can install it via your OS's package manager.
To load completions in your current shell session:
source <(traefik-certs-dumper completion bash)
To load completions for every new session, execute once:
#### Linux:
traefik-certs-dumper completion bash > /etc/bash_completion.d/traefik-certs-dumper
#### macOS:
traefik-certs-dumper completion bash > $(brew --prefix)/etc/bash_completion.d/traefik-certs-dumper
You will need to start a new shell for this setup to take effect.
```
traefik-certs-dumper completion bash
```
### Options
```
-h, --help help for bash
--no-descriptions disable completion descriptions
```
### Options inherited from parent commands
```
--clean Clean destination folder before dumping content. (default true)
--config string config file (default is $HOME/.traefik-certs-dumper.yaml)
--crt-ext string The file extension of the generated certificates. (default ".crt")
--crt-name string The file name (without extension) of the generated certificates. (default "certificate")
--dest string Path to store the dump content. (default "./dump")
--domain-subdir Use domain as sub-directory.
--key-ext string The file extension of the generated private keys. (default ".key")
--key-name string The file name (without extension) of the generated private keys. (default "privatekey")
--post-hook string Execute a command only if changes occurs on the data source. (works only with the watch mode)
--watch Enable watching changes.
```
### SEE ALSO
* [traefik-certs-dumper completion](traefik-certs-dumper_completion.md) - Generate the autocompletion script for the specified shell
###### Auto generated by spf13/cobra on 21-Feb-2025

50
docs/traefik-certs-dumper_completion_fish.md Normal file
View File

@ -0,0 +1,50 @@
## traefik-certs-dumper completion fish
Generate the autocompletion script for fish
### Synopsis
Generate the autocompletion script for the fish shell.
To load completions in your current shell session:
traefik-certs-dumper completion fish | source
To load completions for every new session, execute once:
traefik-certs-dumper completion fish > ~/.config/fish/completions/traefik-certs-dumper.fish
You will need to start a new shell for this setup to take effect.
```
traefik-certs-dumper completion fish [flags]
```
### Options
```
-h, --help help for fish
--no-descriptions disable completion descriptions
```
### Options inherited from parent commands
```
--clean Clean destination folder before dumping content. (default true)
--config string config file (default is $HOME/.traefik-certs-dumper.yaml)
--crt-ext string The file extension of the generated certificates. (default ".crt")
--crt-name string The file name (without extension) of the generated certificates. (default "certificate")
--dest string Path to store the dump content. (default "./dump")
--domain-subdir Use domain as sub-directory.
--key-ext string The file extension of the generated private keys. (default ".key")
--key-name string The file name (without extension) of the generated private keys. (default "privatekey")
--post-hook string Execute a command only if changes occurs on the data source. (works only with the watch mode)
--watch Enable watching changes.
```
### SEE ALSO
* [traefik-certs-dumper completion](traefik-certs-dumper_completion.md) - Generate the autocompletion script for the specified shell
###### Auto generated by spf13/cobra on 21-Feb-2025

47
docs/traefik-certs-dumper_completion_powershell.md Normal file
View File

@ -0,0 +1,47 @@
## traefik-certs-dumper completion powershell
Generate the autocompletion script for powershell
### Synopsis
Generate the autocompletion script for powershell.
To load completions in your current shell session:
traefik-certs-dumper completion powershell | Out-String | Invoke-Expression
To load completions for every new session, add the output of the above command
to your powershell profile.
```
traefik-certs-dumper completion powershell [flags]
```
### Options
```
-h, --help help for powershell
--no-descriptions disable completion descriptions
```
### Options inherited from parent commands
```
--clean Clean destination folder before dumping content. (default true)
--config string config file (default is $HOME/.traefik-certs-dumper.yaml)
--crt-ext string The file extension of the generated certificates. (default ".crt")
--crt-name string The file name (without extension) of the generated certificates. (default "certificate")
--dest string Path to store the dump content. (default "./dump")
--domain-subdir Use domain as sub-directory.
--key-ext string The file extension of the generated private keys. (default ".key")
--key-name string The file name (without extension) of the generated private keys. (default "privatekey")
--post-hook string Execute a command only if changes occurs on the data source. (works only with the watch mode)
--watch Enable watching changes.
```
### SEE ALSO
* [traefik-certs-dumper completion](traefik-certs-dumper_completion.md) - Generate the autocompletion script for the specified shell
###### Auto generated by spf13/cobra on 21-Feb-2025

61
docs/traefik-certs-dumper_completion_zsh.md Normal file
View File

@ -0,0 +1,61 @@
## traefik-certs-dumper completion zsh
Generate the autocompletion script for zsh
### Synopsis
Generate the autocompletion script for the zsh shell.
If shell completion is not already enabled in your environment you will need
to enable it. You can execute the following once:
echo "autoload -U compinit; compinit" >> ~/.zshrc
To load completions in your current shell session:
source <(traefik-certs-dumper completion zsh)
To load completions for every new session, execute once:
#### Linux:
traefik-certs-dumper completion zsh > "${fpath[1]}/_traefik-certs-dumper"
#### macOS:
traefik-certs-dumper completion zsh > $(brew --prefix)/share/zsh/site-functions/_traefik-certs-dumper
You will need to start a new shell for this setup to take effect.
```
traefik-certs-dumper completion zsh [flags]
```
### Options
```
-h, --help help for zsh
--no-descriptions disable completion descriptions
```
### Options inherited from parent commands
```
--clean Clean destination folder before dumping content. (default true)
--config string config file (default is $HOME/.traefik-certs-dumper.yaml)
--crt-ext string The file extension of the generated certificates. (default ".crt")
--crt-name string The file name (without extension) of the generated certificates. (default "certificate")
--dest string Path to store the dump content. (default "./dump")
--domain-subdir Use domain as sub-directory.
--key-ext string The file extension of the generated private keys. (default ".key")
--key-name string The file name (without extension) of the generated private keys. (default "privatekey")
--post-hook string Execute a command only if changes occurs on the data source. (works only with the watch mode)
--watch Enable watching changes.
```
### SEE ALSO
* [traefik-certs-dumper completion](traefik-certs-dumper_completion.md) - Generate the autocompletion script for the specified shell
###### Auto generated by spf13/cobra on 21-Feb-2025

4
docs/traefik-certs-dumper_file.md
View File

@ -15,7 +15,7 @@ traefik-certs-dumper file [flags]
``` ```
-h, --help help for file -h, --help help for file
--source string Path to 'acme.json' file. (default "./acme.json") --source string Path to 'acme.json' file. (default "./acme.json")
--version string Traefik version. If empty use v1. Possible values: 'v2'. --version string Traefik version. If empty use v1. Possible values: 'v2', 'v3'.
``` ```
### Options inherited from parent commands ### Options inherited from parent commands
@ -37,4 +37,4 @@ traefik-certs-dumper file [flags]
* [traefik-certs-dumper](traefik-certs-dumper.md) - Dump Let's Encrypt certificates from Traefik. * [traefik-certs-dumper](traefik-certs-dumper.md) - Dump Let's Encrypt certificates from Traefik.
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

2
docs/traefik-certs-dumper_kv.md
View File

@ -47,4 +47,4 @@ Dump the content of a KV store.
* [traefik-certs-dumper kv etcd](traefik-certs-dumper_kv_etcd.md) - Dump the content of etcd. * [traefik-certs-dumper kv etcd](traefik-certs-dumper_kv_etcd.md) - Dump the content of etcd.
* [traefik-certs-dumper kv zookeeper](traefik-certs-dumper_kv_zookeeper.md) - Dump the content of zookeeper. * [traefik-certs-dumper kv zookeeper](traefik-certs-dumper_kv_zookeeper.md) - Dump the content of zookeeper.
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

2
docs/traefik-certs-dumper_kv_boltdb.md
View File

@ -49,4 +49,4 @@ traefik-certs-dumper kv boltdb [flags]
* [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store. * [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store.
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

2
docs/traefik-certs-dumper_kv_consul.md
View File

@ -48,4 +48,4 @@ traefik-certs-dumper kv consul [flags]
* [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store. * [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store.
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

2
docs/traefik-certs-dumper_kv_etcd.md
View File

@ -49,4 +49,4 @@ traefik-certs-dumper kv etcd [flags]
* [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store. * [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store.
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

2
docs/traefik-certs-dumper_kv_zookeeper.md
View File

@ -47,4 +47,4 @@ traefik-certs-dumper kv zookeeper [flags]
* [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store. * [traefik-certs-dumper kv](traefik-certs-dumper_kv.md) - Dump the content of a KV store.
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

6
docs/traefik-certs-dumper_version.md
View File

@ -2,10 +2,6 @@
Display version Display version
### Synopsis
Display version
``` ```
traefik-certs-dumper version [flags] traefik-certs-dumper version [flags]
``` ```
@ -35,4 +31,4 @@ traefik-certs-dumper version [flags]
* [traefik-certs-dumper](traefik-certs-dumper.md) - Dump Let's Encrypt certificates from Traefik. * [traefik-certs-dumper](traefik-certs-dumper.md) - Dump Let's Encrypt certificates from Traefik.
###### Auto generated by spf13/cobra on 9-Oct-2019 ###### Auto generated by spf13/cobra on 21-Feb-2025

11
dumper/file/file.go
View File

@ -19,8 +19,9 @@ import (
dumperv2 "github.com/ldez/traefik-certs-dumper/v2/dumper/v2" dumperv2 "github.com/ldez/traefik-certs-dumper/v2/dumper/v2"
dumperv3 "github.com/ldez/traefik-certs-dumper/v2/dumper/v3" dumperv3 "github.com/ldez/traefik-certs-dumper/v2/dumper/v3"
"github.com/ldez/traefik-certs-dumper/v2/hook" "github.com/ldez/traefik-certs-dumper/v2/hook"
acmev2 "github.com/traefik/traefik/v2/pkg/provider/acme" "github.com/ldez/traefik-certs-dumper/v2/internal/traefikv1"
acmev3 "github.com/traefik/traefik/v3/pkg/provider/acme" "github.com/ldez/traefik-certs-dumper/v2/internal/traefikv2"
"github.com/ldez/traefik-certs-dumper/v2/internal/traefikv3"
) )
// Dump Dumps "acme.json" file to certificates. // Dump Dumps "acme.json" file to certificates.
@ -76,7 +77,7 @@ func dump(acmeFile string, baseConfig *dumper.BaseConfig) error {
} }
func dumpV1(acmeFile string, baseConfig *dumper.BaseConfig) error { func dumpV1(acmeFile string, baseConfig *dumper.BaseConfig) error {
data := &dumperv1.StoredData{} data := &traefikv1.StoredData{}
err := readJSONFile(acmeFile, data) err := readJSONFile(acmeFile, data)
if err != nil { if err != nil {
return err return err
@ -86,7 +87,7 @@ func dumpV1(acmeFile string, baseConfig *dumper.BaseConfig) error {
} }
func dumpV2(acmeFile string, baseConfig *dumper.BaseConfig) error { func dumpV2(acmeFile string, baseConfig *dumper.BaseConfig) error {
data := map[string]*acmev2.StoredData{} data := map[string]*traefikv2.StoredData{}
err := readJSONFile(acmeFile, &data) err := readJSONFile(acmeFile, &data)
if err != nil { if err != nil {
return err return err
@ -96,7 +97,7 @@ func dumpV2(acmeFile string, baseConfig *dumper.BaseConfig) error {
} }
func dumpV3(acmeFile string, baseConfig *dumper.BaseConfig) error { func dumpV3(acmeFile string, baseConfig *dumper.BaseConfig) error {
data := map[string]*acmev3.StoredData{} data := map[string]*traefikv3.StoredData{}
err := readJSONFile(acmeFile, &data) err := readJSONFile(acmeFile, &data)
if err != nil { if err != nil {
return err return err

3
dumper/file/file_test.go
View File

@ -1,7 +1,6 @@
package file package file
import ( import (
"context"
"testing" "testing"
"github.com/ldez/traefik-certs-dumper/v2/dumper" "github.com/ldez/traefik-certs-dumper/v2/dumper"
@ -54,7 +53,7 @@ func TestDump(t *testing.T) {
Version: test.version, Version: test.version,
} }
err := Dump(context.Background(), test.acmeFile, cfg) err := Dump(t.Context(), test.acmeFile, cfg)
require.NoError(t, err) require.NoError(t, err)
}) })
} }

14
dumper/kv/convert.go
View File

@ -3,7 +3,7 @@ package kv
import ( import (
"github.com/go-acme/lego/v4/certcrypto" "github.com/go-acme/lego/v4/certcrypto"
"github.com/go-acme/lego/v4/registration" "github.com/go-acme/lego/v4/registration"
v1 "github.com/ldez/traefik-certs-dumper/v2/dumper/v1" "github.com/ldez/traefik-certs-dumper/v2/internal/traefikv1"
) )
// CertificateOld is used to store certificate info. // CertificateOld is used to store certificate info.
@ -39,14 +39,14 @@ type ChallengeCert struct {
// DomainsCertificate contains a certificate for multiple domains. // DomainsCertificate contains a certificate for multiple domains.
type DomainsCertificate struct { type DomainsCertificate struct {
Domains v1.Domain Domains traefikv1.Domain
Certificate *CertificateOld Certificate *CertificateOld
} }
// convertOldAccount converts account information from old account format. // convertOldAccount converts account information from old account format.
func convertOldAccount(account *AccountOld) *v1.StoredData { func convertOldAccount(account *AccountOld) *traefikv1.StoredData {
storedData := &v1.StoredData{ storedData := &traefikv1.StoredData{
Account: &v1.Account{ Account: &traefikv1.Account{
PrivateKey: account.PrivateKey, PrivateKey: account.PrivateKey,
Registration: account.Registration, Registration: account.Registration,
Email: account.Email, Email: account.Email,
@ -54,9 +54,9 @@ func convertOldAccount(account *AccountOld) *v1.StoredData {
}, },
} }
var certs []*v1.Certificate var certs []*traefikv1.Certificate
for _, oldCert := range account.DomainsCertificate.Certs { for _, oldCert := range account.DomainsCertificate.Certs {
certs = append(certs, &v1.Certificate{ certs = append(certs, &traefikv1.Certificate{
Certificate: oldCert.Certificate.Certificate, Certificate: oldCert.Certificate.Certificate,
Domain: oldCert.Domains, Domain: oldCert.Domains,
Key: oldCert.Certificate.PrivateKey, Key: oldCert.Certificate.PrivateKey,

3
dumper/kv/kv.go
View File

@ -16,6 +16,7 @@ import (
"github.com/ldez/traefik-certs-dumper/v2/dumper" "github.com/ldez/traefik-certs-dumper/v2/dumper"
v1 "github.com/ldez/traefik-certs-dumper/v2/dumper/v1" v1 "github.com/ldez/traefik-certs-dumper/v2/dumper/v1"
"github.com/ldez/traefik-certs-dumper/v2/hook" "github.com/ldez/traefik-certs-dumper/v2/hook"
"github.com/ldez/traefik-certs-dumper/v2/internal/traefikv1"
) )
// DefaultStoreKeySuffix is the default suffix/storage. // DefaultStoreKeySuffix is the default suffix/storage.
@ -76,7 +77,7 @@ func dumpPair(pair *store.KVPair, baseConfig *dumper.BaseConfig) error {
return v1.Dump(data, baseConfig) return v1.Dump(data, baseConfig)
} }
func getStoredDataFromGzip(pair *store.KVPair) (*v1.StoredData, error) { func getStoredDataFromGzip(pair *store.KVPair) (*traefikv1.StoredData, error) {
reader, err := gzip.NewReader(bytes.NewBuffer(pair.Value)) reader, err := gzip.NewReader(bytes.NewBuffer(pair.Value))
if err != nil { if err != nil {
return nil, fmt.Errorf("fail to create GZip reader: %w", err) return nil, fmt.Errorf("fail to create GZip reader: %w", err)

9
dumper/v1/dumper.go
View File

@ -8,6 +8,7 @@ import (
"github.com/go-acme/lego/v4/certcrypto" "github.com/go-acme/lego/v4/certcrypto"
"github.com/ldez/traefik-certs-dumper/v2/dumper" "github.com/ldez/traefik-certs-dumper/v2/dumper"
"github.com/ldez/traefik-certs-dumper/v2/internal/traefikv1"
) )
const ( const (
@ -16,7 +17,7 @@ const (
) )
// Dump Dumps data to certificates. // Dump Dumps data to certificates.
func Dump(data *StoredData, baseConfig *dumper.BaseConfig) error { func Dump(data *traefikv1.StoredData, baseConfig *dumper.BaseConfig) error {
if baseConfig.Clean { if baseConfig.Clean {
err := cleanDir(baseConfig.DumpPath) err := cleanDir(baseConfig.DumpPath)
if err != nil { if err != nil {
@ -54,7 +55,7 @@ func Dump(data *StoredData, baseConfig *dumper.BaseConfig) error {
return os.WriteFile(filepath.Join(baseConfig.DumpPath, keysSubDir, "letsencrypt"+baseConfig.KeyInfo.Ext), privateKeyPem, 0o600) return os.WriteFile(filepath.Join(baseConfig.DumpPath, keysSubDir, "letsencrypt"+baseConfig.KeyInfo.Ext), privateKeyPem, 0o600)
} }
func writeCert(dumpPath string, cert *Certificate, info dumper.FileInfo, domainSubDir bool) error { func writeCert(dumpPath string, cert *traefikv1.Certificate, info dumper.FileInfo, domainSubDir bool) error {
certPath := filepath.Join(dumpPath, certsSubDir, safeName(cert.Domain.Main+info.Ext)) certPath := filepath.Join(dumpPath, certsSubDir, safeName(cert.Domain.Main+info.Ext))
if domainSubDir { if domainSubDir {
certPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext) certPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext)
@ -66,7 +67,7 @@ func writeCert(dumpPath string, cert *Certificate, info dumper.FileInfo, domainS
return os.WriteFile(certPath, cert.Certificate, 0o666) return os.WriteFile(certPath, cert.Certificate, 0o666)
} }
func writeKey(dumpPath string, cert *Certificate, info dumper.FileInfo, domainSubDir bool) error { func writeKey(dumpPath string, cert *traefikv1.Certificate, info dumper.FileInfo, domainSubDir bool) error {
keyPath := filepath.Join(dumpPath, keysSubDir, safeName(cert.Domain.Main+info.Ext)) keyPath := filepath.Join(dumpPath, keysSubDir, safeName(cert.Domain.Main+info.Ext))
if domainSubDir { if domainSubDir {
keyPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext) keyPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext)
@ -78,7 +79,7 @@ func writeKey(dumpPath string, cert *Certificate, info dumper.FileInfo, domainSu
return os.WriteFile(keyPath, cert.Key, 0o600) return os.WriteFile(keyPath, cert.Key, 0o600)
} }
func extractPEMPrivateKey(account *Account) []byte { func extractPEMPrivateKey(account *traefikv1.Account) []byte {
var block *pem.Block var block *pem.Block
switch account.KeyType { switch account.KeyType {
case certcrypto.RSA2048, certcrypto.RSA4096, certcrypto.RSA8192: case certcrypto.RSA2048, certcrypto.RSA4096, certcrypto.RSA8192:

10
dumper/v2/dumper.go
View File

@ -8,7 +8,7 @@ import (
"github.com/go-acme/lego/v4/certcrypto" "github.com/go-acme/lego/v4/certcrypto"
"github.com/ldez/traefik-certs-dumper/v2/dumper" "github.com/ldez/traefik-certs-dumper/v2/dumper"
"github.com/traefik/traefik/v2/pkg/provider/acme" "github.com/ldez/traefik-certs-dumper/v2/internal/traefikv2"
) )
const ( const (
@ -17,7 +17,7 @@ const (
) )
// Dump Dumps data to certificates. // Dump Dumps data to certificates.
func Dump(data map[string]*acme.StoredData, baseConfig *dumper.BaseConfig) error { func Dump(data map[string]*traefikv2.StoredData, baseConfig *dumper.BaseConfig) error {
if baseConfig.Clean { if baseConfig.Clean {
err := cleanDir(baseConfig.DumpPath) err := cleanDir(baseConfig.DumpPath)
if err != nil { if err != nil {
@ -63,7 +63,7 @@ func Dump(data map[string]*acme.StoredData, baseConfig *dumper.BaseConfig) error
return nil return nil
} }
func writeCert(dumpPath string, cert acme.Certificate, info dumper.FileInfo, domainSubDir bool) error { func writeCert(dumpPath string, cert traefikv2.Certificate, info dumper.FileInfo, domainSubDir bool) error {
certPath := filepath.Join(dumpPath, certsSubDir, safeName(cert.Domain.Main+info.Ext)) certPath := filepath.Join(dumpPath, certsSubDir, safeName(cert.Domain.Main+info.Ext))
if domainSubDir { if domainSubDir {
certPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext) certPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext)
@ -75,7 +75,7 @@ func writeCert(dumpPath string, cert acme.Certificate, info dumper.FileInfo, dom
return os.WriteFile(certPath, cert.Certificate, 0o666) return os.WriteFile(certPath, cert.Certificate, 0o666)
} }
func writeKey(dumpPath string, cert acme.Certificate, info dumper.FileInfo, domainSubDir bool) error { func writeKey(dumpPath string, cert traefikv2.Certificate, info dumper.FileInfo, domainSubDir bool) error {
keyPath := filepath.Join(dumpPath, keysSubDir, safeName(cert.Domain.Main+info.Ext)) keyPath := filepath.Join(dumpPath, keysSubDir, safeName(cert.Domain.Main+info.Ext))
if domainSubDir { if domainSubDir {
keyPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext) keyPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext)
@ -87,7 +87,7 @@ func writeKey(dumpPath string, cert acme.Certificate, info dumper.FileInfo, doma
return os.WriteFile(keyPath, cert.Key, 0o600) return os.WriteFile(keyPath, cert.Key, 0o600)
} }
func extractPEMPrivateKey(account *acme.Account) []byte { func extractPEMPrivateKey(account *traefikv2.Account) []byte {
var block *pem.Block var block *pem.Block
switch account.KeyType { switch account.KeyType {
case certcrypto.RSA2048, certcrypto.RSA4096, certcrypto.RSA8192: case certcrypto.RSA2048, certcrypto.RSA4096, certcrypto.RSA8192:

10
dumper/v3/dumper.go
View File

@ -8,7 +8,7 @@ import (
"github.com/go-acme/lego/v4/certcrypto" "github.com/go-acme/lego/v4/certcrypto"
"github.com/ldez/traefik-certs-dumper/v2/dumper" "github.com/ldez/traefik-certs-dumper/v2/dumper"
"github.com/traefik/traefik/v3/pkg/provider/acme" "github.com/ldez/traefik-certs-dumper/v2/internal/traefikv3"
) )
const ( const (
@ -17,7 +17,7 @@ const (
) )
// Dump Dumps data to certificates. // Dump Dumps data to certificates.
func Dump(data map[string]*acme.StoredData, baseConfig *dumper.BaseConfig) error { func Dump(data map[string]*traefikv3.StoredData, baseConfig *dumper.BaseConfig) error {
if baseConfig.Clean { if baseConfig.Clean {
err := cleanDir(baseConfig.DumpPath) err := cleanDir(baseConfig.DumpPath)
if err != nil { if err != nil {
@ -63,7 +63,7 @@ func Dump(data map[string]*acme.StoredData, baseConfig *dumper.BaseConfig) error
return nil return nil
} }
func writeCert(dumpPath string, cert acme.Certificate, info dumper.FileInfo, domainSubDir bool) error { func writeCert(dumpPath string, cert traefikv3.Certificate, info dumper.FileInfo, domainSubDir bool) error {
certPath := filepath.Join(dumpPath, certsSubDir, safeName(cert.Domain.Main+info.Ext)) certPath := filepath.Join(dumpPath, certsSubDir, safeName(cert.Domain.Main+info.Ext))
if domainSubDir { if domainSubDir {
certPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext) certPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext)
@ -75,7 +75,7 @@ func writeCert(dumpPath string, cert acme.Certificate, info dumper.FileInfo, dom
return os.WriteFile(certPath, cert.Certificate, 0o666) return os.WriteFile(certPath, cert.Certificate, 0o666)
} }
func writeKey(dumpPath string, cert acme.Certificate, info dumper.FileInfo, domainSubDir bool) error { func writeKey(dumpPath string, cert traefikv3.Certificate, info dumper.FileInfo, domainSubDir bool) error {
keyPath := filepath.Join(dumpPath, keysSubDir, safeName(cert.Domain.Main+info.Ext)) keyPath := filepath.Join(dumpPath, keysSubDir, safeName(cert.Domain.Main+info.Ext))
if domainSubDir { if domainSubDir {
keyPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext) keyPath = filepath.Join(dumpPath, safeName(cert.Domain.Main), info.Name+info.Ext)
@ -87,7 +87,7 @@ func writeKey(dumpPath string, cert acme.Certificate, info dumper.FileInfo, doma
return os.WriteFile(keyPath, cert.Key, 0o600) return os.WriteFile(keyPath, cert.Key, 0o600)
} }
func extractPEMPrivateKey(account *acme.Account) []byte { func extractPEMPrivateKey(account *traefikv3.Account) []byte {
var block *pem.Block var block *pem.Block
switch account.KeyType { switch account.KeyType {
case certcrypto.RSA2048, certcrypto.RSA4096, certcrypto.RSA8192: case certcrypto.RSA2048, certcrypto.RSA4096, certcrypto.RSA8192:

233
go.mod
View File

@ -1,10 +1,11 @@
module github.com/ldez/traefik-certs-dumper/v2 module github.com/ldez/traefik-certs-dumper/v2
go 1.23.0 go 1.24.0
require ( require (
github.com/fsnotify/fsnotify v1.8.0 github.com/charmbracelet/lipgloss v1.0.0
github.com/go-acme/lego/v4 v4.19.2 github.com/fsnotify/fsnotify v1.9.0
github.com/go-acme/lego/v4 v4.25.2
github.com/kvtools/boltdb v1.0.2 github.com/kvtools/boltdb v1.0.2
github.com/kvtools/consul v1.0.2 github.com/kvtools/consul v1.0.2
github.com/kvtools/etcdv2 v1.0.2 github.com/kvtools/etcdv2 v1.0.2
@ -12,242 +13,78 @@ require (
github.com/kvtools/valkeyrie v1.0.0 github.com/kvtools/valkeyrie v1.0.0
github.com/kvtools/zookeeper v1.0.2 github.com/kvtools/zookeeper v1.0.2
github.com/mitchellh/go-homedir v1.1.0 github.com/mitchellh/go-homedir v1.1.0
github.com/spf13/cobra v1.8.1 github.com/spf13/cobra v1.9.1
github.com/spf13/viper v1.19.0 github.com/spf13/viper v1.19.0
github.com/stretchr/testify v1.9.0 github.com/stretchr/testify v1.10.0
github.com/traefik/traefik/v2 v2.11.13
github.com/traefik/traefik/v3 v3.2.0
) )
require ( require (
cloud.google.com/go/auth v0.9.3 // indirect
cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
cloud.google.com/go/compute/metadata v0.5.1 // indirect
github.com/AdamSLevy/jsonrpc2/v14 v14.1.0 // indirect
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.2.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.29 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.22 // indirect
github.com/Azure/go-autorest/autorest/azure/auth v0.5.13 // indirect
github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
github.com/OpenDNS/vegadns2client v0.0.0-20180418235048-a3fa4a771d87 // indirect
github.com/akamai/AkamaiOPEN-edgegrid-golang v1.2.2 // indirect
github.com/aliyun/alibaba-cloud-sdk-go v1.63.15 // indirect
github.com/armon/go-metrics v0.4.1 // indirect github.com/armon/go-metrics v0.4.1 // indirect
github.com/aws/aws-sdk-go v1.44.327 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
github.com/aws/aws-sdk-go-v2 v1.30.5 // indirect
github.com/aws/aws-sdk-go-v2/config v1.27.33 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.17.32 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 // indirect
github.com/aws/aws-sdk-go-v2/service/lightsail v1.40.6 // indirect
github.com/aws/aws-sdk-go-v2/service/route53 v1.43.2 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 // indirect
github.com/aws/smithy-go v1.20.4 // indirect
github.com/benbjohnson/clock v1.3.0 // indirect
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/civo/civogo v0.3.11 // indirect github.com/charmbracelet/x/ansi v0.4.2 // indirect
github.com/cloudflare/cloudflare-go v0.104.0 // indirect
github.com/containous/alice v0.0.0-20181107144136-d83ebdd94cbd // indirect
github.com/coreos/go-semver v0.3.1 // indirect github.com/coreos/go-semver v0.3.1 // indirect
github.com/coreos/go-systemd/v22 v22.5.0 // indirect github.com/coreos/go-systemd/v22 v22.5.0 // indirect
github.com/cpu/goacmedns v0.1.1 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect github.com/fatih/color v1.18.0 // indirect
github.com/dnsimple/dnsimple-go v1.7.0 // indirect github.com/go-jose/go-jose/v4 v4.1.1 // indirect
github.com/exoscale/egoscale/v3 v3.1.7 // indirect github.com/go-zookeeper/zk v1.0.4 // indirect
github.com/fatih/color v1.17.0 // indirect
github.com/fatih/structs v1.1.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/gabriel-vasile/mimetype v1.4.2 // indirect
github.com/ghodss/yaml v1.0.0 // indirect
github.com/go-errors/errors v1.0.1 // indirect
github.com/go-jose/go-jose/v4 v4.0.4 // indirect
github.com/go-kit/log v0.2.1 // indirect
github.com/go-logfmt/logfmt v0.5.1 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-playground/locales v0.14.1 // indirect
github.com/go-playground/universal-translator v0.18.1 // indirect
github.com/go-playground/validator/v10 v10.16.0 // indirect
github.com/go-resty/resty/v2 v2.13.1 // indirect
github.com/go-viper/mapstructure/v2 v2.1.0 // indirect
github.com/go-zookeeper/zk v1.0.3 // indirect
github.com/goccy/go-json v0.10.3 // indirect
github.com/gofrs/flock v0.12.1 // indirect
github.com/gogo/protobuf v1.3.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.4 // indirect github.com/golang/protobuf v1.5.4 // indirect
github.com/google/go-github/v28 v28.1.1 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/s2a-go v0.1.8 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
github.com/googleapis/gax-go/v2 v2.13.0 // indirect
github.com/gophercloud/gophercloud v1.14.0 // indirect
github.com/gophercloud/utils v0.0.0-20231010081019-80377eca5d56 // indirect
github.com/gorilla/mux v1.8.1 // indirect
github.com/gravitational/trace v1.1.16-0.20220114165159-14a9a7dd6aaf // indirect
github.com/hashicorp/consul/api v1.28.2 // indirect github.com/hashicorp/consul/api v1.28.2 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-hclog v1.6.3 // indirect github.com/hashicorp/go-hclog v1.6.3 // indirect
github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
github.com/hashicorp/go-metrics v0.5.4 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect
github.com/hashicorp/go-uuid v1.0.3 // indirect
github.com/hashicorp/go-version v1.6.0 // indirect
github.com/hashicorp/golang-lru v1.0.2 // indirect github.com/hashicorp/golang-lru v1.0.2 // indirect
github.com/hashicorp/hcl v1.0.1-vault-5 // indirect github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
github.com/hashicorp/serf v0.10.1 // indirect github.com/hashicorp/serf v0.10.2 // indirect
github.com/http-wasm/http-wasm-host-go v0.7.0 // indirect
github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.114 // indirect
github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/infobloxopen/infoblox-go-client v1.1.1 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/jonboulle/clockwork v0.4.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect github.com/json-iterator/go v1.1.12 // indirect
github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect github.com/magiconair/properties v1.8.9 // indirect
github.com/kylelemons/godebug v1.1.0 // indirect github.com/mattn/go-colorable v0.1.14 // indirect
github.com/labbsr0x/bindman-dns-webhook v1.0.2 // indirect
github.com/labbsr0x/goh v1.0.1 // indirect
github.com/leodido/go-urn v1.2.4 // indirect
github.com/linode/linodego v1.40.0 // indirect
github.com/liquidweb/liquidweb-cli v0.6.9 // indirect
github.com/liquidweb/liquidweb-go v1.6.4 // indirect
github.com/magiconair/properties v1.8.7 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-isatty v0.0.20 // indirect
github.com/miekg/dns v1.1.62 // indirect github.com/mattn/go-runewidth v0.0.16 // indirect
github.com/mimuret/golang-iij-dpf v0.9.1 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect github.com/muesli/termenv v0.15.2 // indirect
github.com/nrdcg/auroradns v1.1.0 // indirect github.com/pelletier/go-toml/v2 v2.2.3 // indirect
github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 // indirect
github.com/nrdcg/desec v0.8.0 // indirect
github.com/nrdcg/dnspod-go v0.4.0 // indirect
github.com/nrdcg/freemyip v0.2.0 // indirect
github.com/nrdcg/goinwx v0.10.0 // indirect
github.com/nrdcg/mailinabox v0.2.0 // indirect
github.com/nrdcg/namesilo v0.2.1 // indirect
github.com/nrdcg/nodion v0.1.0 // indirect
github.com/nrdcg/porkbun v0.4.0 // indirect
github.com/nzdjb/go-metaname v1.0.0 // indirect
github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
github.com/oracle/oci-go-sdk/v65 v65.73.0 // indirect
github.com/ovh/go-ovh v1.6.0 // indirect
github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
github.com/pires/go-proxyproto v0.6.1 // indirect
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/pquerna/otp v1.4.0 // indirect github.com/rivo/uniseg v0.4.7 // indirect
github.com/rs/zerolog v1.29.0 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/sacloud/api-client-go v0.2.10 // indirect
github.com/sacloud/go-http v0.1.8 // indirect
github.com/sacloud/iaas-api-go v1.12.0 // indirect
github.com/sacloud/packages-go v0.0.10 // indirect
github.com/sagikazarmark/locafero v0.4.0 // indirect github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.30 // indirect
github.com/selectel/domains-go v1.1.0 // indirect
github.com/selectel/go-selvpcclient/v3 v3.1.1 // indirect
github.com/shopspring/decimal v1.4.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 // indirect
github.com/softlayer/softlayer-go v1.1.5 // indirect
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect
github.com/sony/gobreaker v0.5.0 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect github.com/sourcegraph/conc v0.3.0 // indirect
github.com/spf13/afero v1.11.0 // indirect github.com/spf13/afero v1.11.0 // indirect
github.com/spf13/cast v1.7.0 // indirect github.com/spf13/cast v1.7.1 // indirect
github.com/spf13/pflag v1.0.5 // indirect github.com/spf13/pflag v1.0.6 // indirect
github.com/spiffe/go-spiffe/v2 v2.1.1 // indirect
github.com/subosito/gotenv v1.6.0 // indirect github.com/subosito/gotenv v1.6.0 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1002 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1002 // indirect
github.com/tjfoc/gmsm v1.4.1 // indirect
github.com/traefik/paerser v0.2.1 // indirect
github.com/transip/gotransip/v6 v6.26.0 // indirect
github.com/ultradns/ultradns-go-sdk v1.7.0-20240913052650-970ca9a // indirect
github.com/unrolled/render v1.0.2 // indirect
github.com/vinyldns/go-vinyldns v0.9.16 // indirect
github.com/vulcand/predicate v1.2.0 // indirect
github.com/vultr/govultr/v3 v3.9.1 // indirect
github.com/yandex-cloud/go-genproto v0.0.0-20240911120709-1fa0cb6f47c2 // indirect
github.com/yandex-cloud/go-sdk v0.0.0-20240911121212-e4e74d0d02f5 // indirect
github.com/zeebo/errs v1.2.2 // indirect
go.etcd.io/bbolt v1.3.6 // indirect go.etcd.io/bbolt v1.3.6 // indirect
go.etcd.io/etcd/api/v3 v3.5.14 // indirect go.etcd.io/etcd/api/v3 v3.5.14 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.14 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.14 // indirect
go.etcd.io/etcd/client/v2 v2.305.12 // indirect go.etcd.io/etcd/client/v2 v2.305.12 // indirect
go.etcd.io/etcd/client/v3 v3.5.14 // indirect go.etcd.io/etcd/client/v3 v3.5.14 // indirect
go.mongodb.org/mongo-driver v1.12.1 // indirect
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
go.opentelemetry.io/otel v1.29.0 // indirect
go.opentelemetry.io/otel/metric v1.29.0 // indirect
go.opentelemetry.io/otel/trace v1.29.0 // indirect
go.uber.org/multierr v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect
go.uber.org/ratelimit v0.3.0 // indirect go.uber.org/zap v1.27.0 // indirect
go.uber.org/zap v1.26.0 // indirect golang.org/x/crypto v0.40.0 // indirect
golang.org/x/crypto v0.27.0 // indirect golang.org/x/exp v0.0.0-20241210194714-1829a127f884 // indirect
golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 // indirect golang.org/x/net v0.42.0 // indirect
golang.org/x/mod v0.21.0 // indirect golang.org/x/sys v0.34.0 // indirect
golang.org/x/net v0.29.0 // indirect golang.org/x/text v0.27.0 // indirect
golang.org/x/oauth2 v0.23.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20250707201910-8d1bb00bc6a7 // indirect
golang.org/x/sync v0.8.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7 // indirect
golang.org/x/sys v0.25.0 // indirect google.golang.org/grpc v1.73.0 // indirect
golang.org/x/term v0.24.0 // indirect google.golang.org/protobuf v1.36.6 // indirect
golang.org/x/text v0.18.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
golang.org/x/time v0.6.0 // indirect
golang.org/x/tools v0.25.0 // indirect
google.golang.org/api v0.197.0 // indirect
google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
google.golang.org/grpc v1.66.2 // indirect
google.golang.org/protobuf v1.34.2 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/ns1/ns1-go.v2 v2.12.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect
) )
// Containous forks
replace (
github.com/abbot/go-http-auth => github.com/containous/go-http-auth v0.4.1-0.20200324110947-a37a7636d23e
github.com/go-check/check => github.com/containous/check v0.0.0-20170915194414-ca0bf163426a
github.com/gorilla/mux => github.com/containous/mux v0.0.0-20220627093034-b2dd784e613f
github.com/mailgun/minheap => github.com/containous/minheap v0.0.0-20190809180810-6e71eb837595
)
exclude github.com/tencentcloud/tencentcloud-sdk-go v3.0.83+incompatible exclude github.com/tencentcloud/tencentcloud-sdk-go v3.0.83+incompatible

1055
go.sum
View File

File diff suppressed because it is too large Load Diff

3
hook/hook_test.go
View File

@ -1,7 +1,6 @@
package hook package hook
import ( import (
"context"
"testing" "testing"
) )
@ -22,7 +21,7 @@ func Test_execute(t *testing.T) {
for _, test := range testCases { for _, test := range testCases {
t.Run(test.desc, func(t *testing.T) { t.Run(test.desc, func(t *testing.T) {
err := execute(context.Background(), test.command) err := execute(t.Context(), test.command)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }

2
dumper/v1/storeddata.go → internal/traefikv1/acme.go
View File

@ -1,4 +1,4 @@
package v1 package traefikv1
import ( import (
"github.com/go-acme/lego/v4/certcrypto" "github.com/go-acme/lego/v4/certcrypto"

101
internal/traefikv2/acme.go Normal file
View File

@ -0,0 +1,101 @@
package traefikv2
import (
"crypto"
"crypto/x509"
"github.com/go-acme/lego/v4/certcrypto"
"github.com/go-acme/lego/v4/registration"
)
// StoredData represents the data managed by Store.
type StoredData struct {
Account *Account
Certificates []*CertAndStore
}
// Account is used to store lets encrypt registration info.
type Account struct {
Email string
Registration *registration.Resource
PrivateKey []byte
KeyType certcrypto.KeyType
}
// GetEmail returns email.
func (a *Account) GetEmail() string {
return a.Email
}
// GetRegistration returns lets encrypt registration resource.
func (a *Account) GetRegistration() *registration.Resource {
return a.Registration
}
// GetPrivateKey returns private key.
func (a *Account) GetPrivateKey() crypto.PrivateKey {
privateKey, err := x509.ParsePKCS1PrivateKey(a.PrivateKey)
if err != nil {
return nil
}
return privateKey
}
// CertAndStore allows mapping a TLS certificate to a TLS store.
type CertAndStore struct {
Certificate
Store string
}
// Certificate is a struct which contains all data needed from an ACME certificate.
type Certificate struct {
Domain Domain `json:"domain,omitempty" toml:"domain,omitempty" yaml:"domain,omitempty"`
Certificate []byte `json:"certificate,omitempty" toml:"certificate,omitempty" yaml:"certificate,omitempty"`
Key []byte `json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty"`
}
// Domain holds a domain name with SANs.
type Domain struct {
// Main defines the main domain name.
Main string `description:"Default subject name." json:"main,omitempty" toml:"main,omitempty" yaml:"main,omitempty"`
// SANs defines the subject alternative domain names.
SANs []string `description:"Subject alternative names." json:"sans,omitempty" toml:"sans,omitempty" yaml:"sans,omitempty"`
}
// ToStrArray convert a domain into an array of strings.
func (d *Domain) ToStrArray() []string {
var domains []string
if d.Main != "" {
domains = []string{d.Main}
}
return append(domains, d.SANs...)
}
// Set sets a domains from an array of strings.
func (d *Domain) Set(domains []string) {
if len(domains) > 0 {
d.Main = domains[0]
d.SANs = domains[1:]
}
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (d *Domain) DeepCopyInto(out *Domain) {
*out = *d
if d.SANs != nil {
in, out := &d.SANs, &out.SANs
*out = make([]string, len(*in))
copy(*out, *in)
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Domain.
func (d *Domain) DeepCopy() *Domain {
if d == nil {
return nil
}
out := new(Domain)
d.DeepCopyInto(out)
return out
}

101
internal/traefikv3/acme.go Normal file
View File

@ -0,0 +1,101 @@
package traefikv3
import (
"crypto"
"crypto/x509"
"github.com/go-acme/lego/v4/certcrypto"
"github.com/go-acme/lego/v4/registration"
)
// StoredData represents the data managed by Store.
type StoredData struct {
Account *Account
Certificates []*CertAndStore
}
// Account is used to store lets encrypt registration info.
type Account struct {
Email string
Registration *registration.Resource
PrivateKey []byte
KeyType certcrypto.KeyType
}
// GetEmail returns email.
func (a *Account) GetEmail() string {
return a.Email
}
// GetRegistration returns lets encrypt registration resource.
func (a *Account) GetRegistration() *registration.Resource {
return a.Registration
}
// GetPrivateKey returns private key.
func (a *Account) GetPrivateKey() crypto.PrivateKey {
privateKey, err := x509.ParsePKCS1PrivateKey(a.PrivateKey)
if err != nil {
return nil
}
return privateKey
}
// CertAndStore allows mapping a TLS certificate to a TLS store.
type CertAndStore struct {
Certificate
Store string
}
// Certificate is a struct which contains all data needed from an ACME certificate.
type Certificate struct {
Domain Domain `json:"domain,omitempty" toml:"domain,omitempty" yaml:"domain,omitempty"`
Certificate []byte `json:"certificate,omitempty" toml:"certificate,omitempty" yaml:"certificate,omitempty"`
Key []byte `json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty"`
}
// Domain holds a domain name with SANs.
type Domain struct {
// Main defines the main domain name.
Main string `description:"Default subject name." json:"main,omitempty" toml:"main,omitempty" yaml:"main,omitempty"`
// SANs defines the subject alternative domain names.
SANs []string `description:"Subject alternative names." json:"sans,omitempty" toml:"sans,omitempty" yaml:"sans,omitempty"`
}
// ToStrArray convert a domain into an array of strings.
func (d *Domain) ToStrArray() []string {
var domains []string
if d.Main != "" {
domains = []string{d.Main}
}
return append(domains, d.SANs...)
}
// Set sets a domains from an array of strings.
func (d *Domain) Set(domains []string) {
if len(domains) > 0 {
d.Main = domains[0]
d.SANs = domains[1:]
}
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (d *Domain) DeepCopyInto(out *Domain) {
*out = *d
if d.SANs != nil {
in, out := &d.SANs, &out.SANs
*out = make([]string, len(*in))
copy(*out, *in)
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Domain.
func (d *Domain) DeepCopy() *Domain {
if d == nil {
return nil
}
out := new(Domain)
d.DeepCopyInto(out)
return out
}

27
readme.md
View File

@ -18,16 +18,17 @@ If you appreciate this project:
- from file ("acme.json") - from file ("acme.json")
- from KV stores (Consul, Etcd, Zookeeper) - from KV stores (Consul, Etcd, Zookeeper)
- Output formats: - Output formats:
- use domain as sub-directory (allow custom names and extensions) - use domain as subdirectory (allow custom names and extensions)
- flat (domain as filename) - flat (domain as filename)
- Hook (only with watch mode and if the data source changes) - Hook (only with watch mode and if the data source changes)
- Support Traefik v1, v2, and v3.
## Installation ## Installation
### Download / CI Integration ### Download / CI Integration
```bash ```bash
curl -sfL https://raw.githubusercontent.com/ldez/traefik-certs-dumper/master/godownloader.sh | bash -s -- -b $(go env GOPATH)/bin v2.8.1 curl -sfL https://raw.githubusercontent.com/ldez/traefik-certs-dumper/master/godownloader.sh | bash -s -- -b $(go env GOPATH)/bin v2.9.3
``` ```
<!-- <!--
@ -60,6 +61,7 @@ Examples:
- Traefik v1: [docker-compose](docs/docker-compose-traefik-v1.yml) - Traefik v1: [docker-compose](docs/docker-compose-traefik-v1.yml)
- Traefik v2: [docker-compose](docs/docker-compose-traefik-v2.yml) - Traefik v2: [docker-compose](docs/docker-compose-traefik-v2.yml)
- Traefik v3: TODO
## Usage ## Usage
@ -72,7 +74,7 @@ Examples:
### Simple Dump ### Simple Dump
```console ```console
$ traefik-certs-dumper file $ traefik-certs-dumper file --version v3
dump dump
├──certs ├──certs
│ └──my.domain.com.key │ └──my.domain.com.key
@ -84,7 +86,7 @@ dump
### Change source and destination ### Change source and destination
```console ```console
$ traefik-certs-dumper file --source ./acme.json --dest ./dump/test $ traefik-certs-dumper file --version v3 --source ./acme.json --dest ./dump/test
test test
├──certs ├──certs
│ └──my.domain.com.key │ └──my.domain.com.key
@ -96,7 +98,7 @@ test
### Use domain as sub-directory ### Use domain as sub-directory
```console ```console
$ traefik-certs-dumper file --domain-subdir=true $ traefik-certs-dumper file --version v3 --domain-subdir=true
dump dump
├──my.domain.com ├──my.domain.com
│ ├──certificate.crt │ ├──certificate.crt
@ -108,7 +110,7 @@ dump
#### Change file extension #### Change file extension
```console ```console
$ traefik-certs-dumper file --domain-subdir --crt-ext=.pem --key-ext=.pem $ traefik-certs-dumper file --version v3 --domain-subdir --crt-ext=.pem --key-ext=.pem
dump dump
├──my.domain.com ├──my.domain.com
│ ├──certificate.pem │ ├──certificate.pem
@ -120,7 +122,7 @@ dump
#### Change file name #### Change file name
```console ```console
$ traefik-certs-dumper file --domain-subdir --crt-name=fullchain --key-name=privkey $ traefik-certs-dumper file --version v3 --domain-subdir --crt-name=fullchain --key-name=privkey
dump dump
├──my.domain.com ├──my.domain.com
│ ├──fullchain.crt │ ├──fullchain.crt
@ -131,24 +133,21 @@ dump
## Hook ## Hook
Hook can be a one liner passed as a string, or a file for more complex post-hook scenarios. Hook can be a one-liner passed as a string, or a file for more complex post-hook scenarios.
For the former, create a file (ex: `hook.sh`) and mount it, then pass `sh hooksh` as a parameter to `--post-hook`. For the former, create a file (ex: `hook.sh`) and mount it, then pass `sh hooksh` as a parameter to `--post-hook`.
Here is a docker-compose example: Here is a docker-compose example:
```yml ```yml
version: '3.9'
services: services:
# ... # ...
traefik-certs-dumper: traefik-certs-dumper:
image: ldez/traefik-certs-dumper:v2.8.1 image: ldez/traefik-certs-dumper:v2.9.3
container_name: traefik-certs-dumper container_name: traefik-certs-dumper
entrypoint: sh -c ' entrypoint: sh -c '
apk add jq while ! [ -e /data/acme.json ]
; while ! [ -e /data/acme.json ] || ! [ `jq ".[] | .Certificates | length" /data/acme.json | jq -s "add" ` != 0 ]; do
|| ! [ `jq ".[] | .Certificates | length" /data/acme.json` != 0 ]; do
sleep 1 sleep 1
; done ; done
&& traefik-certs-dumper file --version v2 --watch && traefik-certs-dumper file --version v2 --watch

24
tmpl.Dockerfile
View File

@ -1,24 +0,0 @@
FROM golang:1-alpine as builder
RUN apk --update upgrade \
&& apk --no-cache --no-progress add git make gcc musl-dev ca-certificates tzdata
WORKDIR /go/src/github.com/ldez/traefik-certs-dumper
ENV GO111MODULE on
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN GOARCH={{ .GoARCH }} GOARM={{ .GoARM }} make build
FROM {{ .RuntimeImage }}
# Not supported for multi-arch without Buildkit or QEMU
#RUN apk --update upgrade \
# && apk --no-cache --no-progress add ca-certificates
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /go/src/github.com/ldez/traefik-certs-dumper/traefik-certs-dumper /usr/bin/traefik-certs-dumper
ENTRYPOINT ["/usr/bin/traefik-certs-dumper"]