PrivLab/Traefik
0
Fork 0
Code Actions Releases 2 Activity

2
Traefik / Traefik (arm64, cicd.any, bookworm trixie noble, main) (push) Successful in 1m56s
Details
Traefik / Traefik (amd64, cicd.any, bookworm trixie noble, main) (push) Successful in 2m0s
Details

Browse Source
This commit is contained in:
Cantibra
2026-06-11 07:15:43 +02:00
parent 3244bf45d4
commit 4ca007c80b
6 changed files with 8 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env
+1 -1
View File
@@ -1 +1 @@
VERSION='3.7.1'
VERSION='3.7.5'
traefik/DEBIAN/postinst
+4 -1
View File
@@ -37,7 +37,10 @@ case "${1}" in
/usr/bin/install --directory --group='traefik' --mode='750' --owner='traefik' '/var/lib/traefik'
/usr/bin/install --directory --group='traefik' --mode='750' --owner='traefik' '/var/log/traefik'
/usr/bin/install --directory --group='traefik' --mode='750' --owner='traefik' '/var/logrotate/traefik'
/usr/bin/chown --quiet --recursive 'traefik' '/etc/traefik'
/usr/bin/chown --quiet --recursive 'traefik' \
'/etc/traefik/providers.yml' \
'/etc/traefik/traefik.env' \
'/etc/traefik/traefik.yml'
if [ -x '/usr/bin/deb-systemd-invoke' ]; then
/usr/bin/systemctl --system daemon-reload > '/dev/null' || true
if [ -n "${2}" ]; then
traefik/etc/traefik/acme/00-export
-5
View File
@@ -51,7 +51,6 @@ for RESOLVER in $(/usr/bin/jq --raw-output --exit-status 'keys[]' "${ACME_DATABA
/usr/bin/echo -e "-----BEGIN RSA PRIVATE KEY-----\n${ACCOUNT}\n-----END RSA PRIVATE KEY-----" | \
/usr/bin/openssl 'rsa' -inform 'pem' -out "${ACME_STORAGE}/.${RESOLVER}/account.key" &> '/dev/null'
/usr/bin/chmod '0400' "${ACME_STORAGE}/.${RESOLVER}/account.key"
/usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE}/.${RESOLVER}/account.key"
for DOMAIN in $(/usr/bin/jq --raw-output --arg resolver "${RESOLVER}" --exit-status '.[$resolver].Certificates[].domain.main' "${ACME_DATABASE}"); do
CERTIFICATE=$(/usr/bin/jq --raw-output --arg resolver "${RESOLVER}" --arg domain "${DOMAIN}" --exit-status '.[$resolver].Certificates[] | select (.domain.main == $domain ) | .certificate' "${ACME_DATABASE}")
KEY=$(/usr/bin/jq --raw-output --arg resolver "${RESOLVER}" --arg domain "${DOMAIN}" --exit-status '.[$resolver].Certificates[] | select (.domain.main == $domain ) | .key' "${ACME_DATABASE}")
@@ -62,22 +61,18 @@ for RESOLVER in $(/usr/bin/jq --raw-output --exit-status 'keys[]' "${ACME_DATABA
/usr/bin/echo "${CERTIFICATE}" | \
/usr/bin/base64 --decode > "${ACME_STORAGE}/${DOMAIN}/rsa/root.crt"
/usr/bin/chmod '0400' "${ACME_STORAGE}/${DOMAIN}/rsa/root.crt"
/usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE}/${DOMAIN}/rsa/root.crt"
/usr/bin/echo "${KEY}" | \
/usr/bin/base64 --decode > "${ACME_STORAGE}/${DOMAIN}/rsa/root.key"
/usr/bin/chmod '0400' "${ACME_STORAGE}/${DOMAIN}/rsa/root.key"
/usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE}/${DOMAIN}/rsa/root.key"
;;
*ecdsa*)
/usr/bin/install --directory --group='traefik' --mode='0700' --owner='traefik' "${ACME_STORAGE}/${DOMAIN}/ecc"
/usr/bin/echo "${CERTIFICATE}" | \
/usr/bin/base64 --decode > "${ACME_STORAGE}/${DOMAIN}/ecc/root.crt"
/usr/bin/chmod '0400' "${ACME_STORAGE}/${DOMAIN}/ecc/root.crt"
/usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE}/${DOMAIN}/ecc/root.crt"
/usr/bin/echo "${KEY}" | \
/usr/bin/base64 --decode > "${ACME_STORAGE}/${DOMAIN}/ecc/root.key"
/usr/bin/chmod '0400' "${ACME_STORAGE}/${DOMAIN}/ecc/root.key"
/usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE}/${DOMAIN}/ecc/root.key"
;;
esac
done
traefik/etc/traefik/acme/01-changelog
+2 -2
View File
@@ -46,11 +46,11 @@ trap "/usr/bin/rm --force --recursive ${TMP_DIRECTORY}" EXIT
if [[ ! -f "${ACME_STORAGE_HASH}" ]]; then
/usr/bin/find "${ACME_STORAGE}" -type f -exec /usr/bin/md5sum {} + > "${ACME_STORAGE_HASH}"
/usr/bin/chmod 0600 "${ACME_STORAGE_HASH}"
/usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE_HASH}"
# /usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE_HASH}"
/usr/bin/diff '/dev/null' "${ACME_STORAGE_HASH}" | /usr/bin/grep '^>' | /usr/bin/awk '{print $3}' > "${ACME_STORAGE_CHANGELOG}" || \
/usr/bin/true
/usr/bin/chmod 0600 "${ACME_STORAGE_CHANGELOG}"
/usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE_CHANGELOG}"
# /usr/bin/chown 'traefik':'traefik' "${ACME_STORAGE_CHANGELOG}"
exit 0
fi
traefik/etc/traefik/traefik.yml
+1 -2
View File
@@ -5,8 +5,7 @@ accessLog:
# - - - - - API - - - - - #
api:
disableDashboardAd: true
api: {}
# - - - - - Certificates Resolver - - - - - #
traefik/lib/systemd/system/traefik-acme.service
-2
View File
@@ -8,8 +8,6 @@ Type=simple
EnvironmentFile=/etc/traefik/acme/acme.env
ExecStartPre=/usr/bin/sleep 3s
ExecStart=/usr/bin/run-parts --exit-on-error --new-session /etc/traefik/acme
User=traefik
Group=traefik
PrivateDevices=true
PrivateTmp=true
ProtectSystem=strict