You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+5-25Lines changed: 5 additions & 25 deletions
Original file line number
Diff line number
Diff line change
@@ -1,13 +1,14 @@
1
-
# Caddy Cluster / Certmagic Storage Consul K/V
1
+
# Caddy Cluster / Certmagic TLS cluster support for Consul K/V
2
2
3
3
[Consul K/V](https://github.com/hashicorp/consul) Storage for [Caddy](https://github.com/mholt/caddy) TLS data.
4
4
5
5
By default Caddy uses local filesystem to store TLS data (generated keys, csr, crt) when it auto-generates certificates from a CA like Lets Encrypt.
6
6
Starting with 0.11.x Caddy can work in cluster environments where TLS storage path is shared across servers.
7
-
This is a great improvement but you need to take care of mounting a centeralized storage on every server. If you have an already running Consul cluster it can be easier to use it's KV store to save certificates and make them available to all Caddy instances.
7
+
This is a great improvement but you need to take care of mounting a centralized storage on every server. If you have an already running Consul cluster it can be easier to use it's KV store to save certificates and make them available to all Caddy instances.
8
8
9
9
This cluster plugin enables Caddy to store TLS data like keys and certificates in Consul's K/V store.
10
-
This allows you to use Caddy in a cluster or multi machine environment and use a centralized storage for auto-generated certificates.
10
+
This allows you to use Caddy in a cluster or multi machine environment and use a centralized storage for auto-generated certificates that is
11
+
shared between all Caddy instances.
11
12
12
13
With this plugin it is possible to use multiple Caddy instances with the same HTTPS domain for instance with DNS round-robin.
13
14
All data that is saved in KV store is encrypted using AES.
@@ -17,33 +18,12 @@ its new storage interface (> 0.11.1). More at https://github.com/pteich/caddy-tl
17
18
18
19
For older versions of Caddy (0.10.x - 0.11.1) you can use the `old_storage_interface` branch.
19
20
20
-
21
-
## Installation (subject to change for Caddy >0.11.1)
22
-
23
-
For new versions of Caddy this cluster plugin will be available as a first-class plugin on Caddy's download page.
24
-
25
-
[DEPRECATED] ~~
26
-
You need to compile Caddy by yourself to use this plugin. Alternativly you can use my Docker image that already includes Consul KV storage, more infos below.
27
-
28
-
- Set up a working Go installation, see https://golang.org/doc/install
29
-
- Checkout Caddy source code from https://github.com/mholt/caddy
30
-
- Get latest caddy-tlsconsul with `go get -u github.com/pteich/caddy-tlsconsul`
31
-
- Add this line to `caddy/caddymain/run.go` in the `import` region:
32
-
```go
33
-
import (
34
-
...
35
-
_ "github.com/pteich/caddy-tlsconsul"
36
-
)
37
-
```
38
-
- Change dir into `caddy/caddy` do a `go get github.com/caddyserver/builds` and compile Caddy with `go run build.go`
39
-
~~
40
-
41
21
## Configuration
42
22
43
23
You enable Consul storage with Caddy by setting the `CADDY_CLUSTERING` environment variable to `consul`.
44
24
45
25
Because this plugin uses the official Consul API client you can use all ENV variables like `CONSUL_HTTP_ADDR` or `CONSUL_HTTP_TOKEN`
46
-
to define your Consul connection and credentials. For more information see https://github.com/hashicorp/consul/blob/master/api/api.go
26
+
to define your Consul address and token. For more information see https://github.com/hashicorp/consul/blob/master/api/api.go
47
27
48
28
Without any further configuration a running Consul on 127.0.01:8500 is assumed.
0 commit comments