From 55cc04921e1d40bd87ed0482957b44ca89f6d10d Mon Sep 17 00:00:00 2001
From: Milo Schwartz
Date: Fri, 3 Jan 2025 20:09:48 -0500
Subject: [PATCH] update wildcard docs
---
 package.json | 8 ++------
 .../03-Pangolin/02-Configuration/03-wildcard-certs.md | 3 +++
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/package.json b/package.json
index dea60d2..c68ced7 100644
--- a/package.json
+++ b/package.json
@@ -4,11 +4,7 @@
 "private": true,
 "type": "module",
 "scripts": {
- "dev": "sst dev",
- "build": "sst build",
- "deploy": "sst deploy",
- "remove": "sst remove",
- "console": "sst console",
+ "deploy": "AWS_PROFILE=fossorial npx sst deploy --stage prod",
 "typecheck": "tsc --noEmit"
 },
 "devDependencies": {
@@ -21,4 +17,4 @@
 "workspaces": [
 "packages/*"
 ]
-}
\ No newline at end of file
+}
diff --git a/packages/docusaurus/docs/03-Pangolin/02-Configuration/03-wildcard-certs.md b/packages/docusaurus/docs/03-Pangolin/02-Configuration/03-wildcard-certs.md
index df72936..8ea0f19 100644
--- a/packages/docusaurus/docs/03-Pangolin/02-Configuration/03-wildcard-certs.md
+++ b/packages/docusaurus/docs/03-Pangolin/02-Configuration/03-wildcard-certs.md
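Review bot: The new `deploy` script in package.json's `scripts` hunk hard-codes both the credential source and the target (`AWS_PROFILE=fossorial` and `--stage prod`), so `npm run deploy` can only ever act on production and will likely fail wherever that named profile is absent, for instance a CI runner that receives credentials through its environment. I would keep the script neutral, `"deploy": "sst deploy"`, and add an explicit `"deploy:prod": "sst deploy --stage prod"`, leaving `AWS_PROFILE` to the caller's shell. `npx` is also unnecessary inside an npm script, since `node_modules/.bin` is already on the PATH; if `sst` is not installed locally, `npx` may fetch it from the registry at whatever version resolves, and the `devDependencies` entries that would settle this lie outside the hunk. The inline `VAR=value command` form also does not run under the default script shell on Windows.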
@@ -16,6 +16,7 @@ It is highly reccommended that you read the [official Traefik documentation](htt
 1. Wildcard certificates allow you to secure your base domain and all subdomains with a single certificate. This reduces the number of certificates you need to manage.
 2. You can add new subdomains to resources without needing to generate a new certificate each time. Without a wildcard certificate, you would need to wait (up to a few minutes usually) for a new certificate to be generated and loaded by Traefik.
+- For example: A wildcard cert `*.example.com` could protect `api.example.com`, `blog.example.com`, and another `*.subdomain.example.com` could protect `api.subdomain.example.com`, `blog.subdomain.example.com`, etc.
 3. The [rate limits](https://letsencrypt.org/docs/rate-limits/) for Let's Encrypt are per domain. Using a wildcard certificate reduces the number of domains you have, which can help you avoid hitting these limits.
 ## Setting Up Wildcard Certificates
@@ -23,6 +24,8 @@ It is highly reccommended that you read the [official Traefik documentation](htt
 1. Make sure the stack is not running.
 2. Update the Traefik configuration to use the DNS-01 challenge instead of the HTTP-01 challenge. This tells Traefik to use your DNS provider to create the DNS records needed for the challenge.
 3. Set the `prefer_wildcard_cert` flag to `true` in the Pangolin configuration file.
+- This settings will try to encourage Traefik to request one wildcard certificate for each level of the domain used by your existing resources.
+- For example: If you have two resources `blog.example.com` and `blog.subdomain.example.com`, Traefik should try to request a wildcard certificate for `*.example.com` and `*.subdomain.example.com` automatically for you.
 ## Traefik Configuration