update wildcard docs

Milo Schwartz 2025-01-03 20:09:48 -05:00
parent 3e7424ea99
commit 55cc04921e
No known key found for this signature in database
2 changed files with 5 additions and 6 deletions


@ -4,11 +4,7 @@
"private": true, "private": true,
"type": "module", "type": "module",
"scripts": { "scripts": {
"dev": "sst dev", "deploy": "AWS_PROFILE=fossorial npx sst deploy --stage prod",
"build": "sst build",
"deploy": "sst deploy",
"remove": "sst remove",
"console": "sst console",
"typecheck": "tsc --noEmit" "typecheck": "tsc --noEmit"
}, },
"devDependencies": { "devDependencies": {
@ -21,4 +17,4 @@
"workspaces": [ "workspaces": [
"packages/*" "packages/*"
] ]
} }


@ -16,6 +16,7 @@ It is highly reccommended that you read the [official Traefik documentation](htt
1. Wildcard certificates allow you to secure your base domain and all subdomains with a single certificate. This reduces the number of certificates you need to manage. 1. Wildcard certificates allow you to secure your base domain and all subdomains with a single certificate. This reduces the number of certificates you need to manage.
2. You can add new subdomains to resources without needing to generate a new certificate each time. Without a wildcard certificate, you would need to wait (up to a few minutes usually) for a new certificate to be generated and loaded by Traefik. 2. You can add new subdomains to resources without needing to generate a new certificate each time. Without a wildcard certificate, you would need to wait (up to a few minutes usually) for a new certificate to be generated and loaded by Traefik.
- For example: A wildcard cert `*.example.com` could protect `api.example.com`, `blog.example.com`, and another `*.subdomain.example.com` could protect `api.subdomain.example.com`, `blog.subdomain.example.com`, etc.
3. The [rate limits](https://letsencrypt.org/docs/rate-limits/) for Let's Encrypt are per domain. Using a wildcard certificate reduces the number of domains you have, which can help you avoid hitting these limits. 3. The [rate limits](https://letsencrypt.org/docs/rate-limits/) for Let's Encrypt are per domain. Using a wildcard certificate reduces the number of domains you have, which can help you avoid hitting these limits.
## Setting Up Wildcard Certificates ## Setting Up Wildcard Certificates
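Review bot: The added example bullet leaves the reader to infer that a wildcard matches exactly one label, which is the reason `api.subdomain.example.com` needs the second certificate `*.subdomain.example.com`. State that directly (for instance, that `*.example.com` does not cover `api.subdomain.example.com`), and move the bullet under item 1, since it illustrates what a wildcard covers rather than item 2's point about not waiting for a new certificate.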
@ -23,6 +24,8 @@ It is highly reccommended that you read the [official Traefik documentation](htt
1. Make sure the stack is not running. 1. Make sure the stack is not running.
2. Update the Traefik configuration to use the DNS-01 challenge instead of the HTTP-01 challenge. This tells Traefik to use your DNS provider to create the DNS records needed for the challenge. 2. Update the Traefik configuration to use the DNS-01 challenge instead of the HTTP-01 challenge. This tells Traefik to use your DNS provider to create the DNS records needed for the challenge.
3. Set the `prefer_wildcard_cert` flag to `true` in the Pangolin configuration file. 3. Set the `prefer_wildcard_cert` flag to `true` in the Pangolin configuration file.
- This settings will try to encourage Traefik to request one wildcard certificate for each level of the domain used by your existing resources.
- For example: If you have two resources `blog.example.com` and `blog.subdomain.example.com`, Traefik should try to request a wildcard certificate for `*.example.com` and `*.subdomain.example.com` automatically for you.
## Traefik Configuration ## Traefik Configuration
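Review bot: In the first added bullet, "This settings" should be "This setting", and "will try to encourage Traefik to request" followed by "should try to request" in the next bullet leaves it unclear whether the wildcard request is guaranteed once `prefer_wildcard_cert` is `true`. Describe what the flag does in definite terms and say what the reader should expect when Traefik does not obtain the wildcard certificate, for example whether it falls back to per-host certificates for `blog.example.com` and `blog.subdomain.example.com`.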