acme-dns/config.cfg

[general]
# DNS interface. Note that systemd-resolved may reserve port 53 on 127.0.0.53
# In this case acme-dns will error out and you will need to define the listening interface
# for example: listen = "127.0.0.1:53"
listen = "127.0.0.1:53"
# protocol, "both", "both4", "both6", "udp", "udp4", "udp6" or "tcp", "tcp4", "tcp6"
protocol = "both"
# domain name to serve the requests off of
domain = "auth.example.org"
# zone name server
nsname = "auth.example.org"
# admin email address, where @ is substituted with .
nsadmin = "admin.example.org"
# predefined records served in addition to the TXT
records = [
    # domain pointing to the public IP of your acme-dns server 
    "auth.example.org. A 198.51.100.1",
    # specify that auth.example.org will resolve any *.auth.example.org records
    "auth.example.org. NS auth.example.org.",
]
# debug messages from CORS etc
debug = false

[database]
# Database engine to use, sqlite3 or postgres
engine = "sqlite3"
# Connection string, filename for sqlite3 and postgres://$username:$password@$host/$db_name for postgres
# Please note that the default Docker image uses path /var/lib/acme-dns/acme-dns.db for sqlite3
connection = "/var/lib/acme-dns/acme-dns.db"
# connection = "postgres://user:password@localhost/acmedns_db"

[api]
# listen ip eg. 127.0.0.1
ip = "0.0.0.0"
# disable registration endpoint
disable_registration = false
# listen port, eg. 443 for default HTTPS
port = "443"
# possible values: "letsencrypt", "letsencryptstaging", "cert", "none"
tls = "letsencryptstaging"
# only used if tls = "cert"
tls_cert_privkey = "/etc/tls/example.org/privkey.pem"
tls_cert_fullchain = "/etc/tls/example.org/fullchain.pem"
# only used if tls = "letsencrypt"
acme_cache_dir = "api-certs"
# optional e-mail address to which Let's Encrypt will send expiration notices for the API's cert
notification_email = ""
# CORS AllowOrigins, wildcards can be used
corsorigins = [
    "*"
]
# use HTTP header to get the client ip
use_header = false
# header name to pull the ip address / list of ip addresses from
header_name = "X-Forwarded-For"

[logconfig]
# logging level: "error", "warning", "info" or "debug"
loglevel = "debug"
# possible values: stdout, TODO file & integrations
logtype = "stdout"
# file path for logfile TODO
# logfile = "./acme-dns.log"
# format, either "json" or "text"
logformat = "text"
-												Initial commit, PoC quality

											
										
										
											2016-11-11 21:48:00 +07:00
+								[general]
-												Better error handling in goroutines (#122)

* More robust goroutine error handling using channels

* Fix tests and make startup log msg saner

* Clarification to README and config file

											
										
										
											2018-10-31 05:54:51 +07:00
+								# DNS interface. Note that systemd-resolved may reserve port 53 on 127.0.0.53
 								# In this case acme-dns will error out and you will need to define the listening interface
 								# for example: listen = "127.0.0.1:53"
-												Fix Docker instructions and add option to bind both UDP and TCP  DNS listeners (#130)


											
										
										
											2018-12-13 17:19:10 +07:00
+								listen = "127.0.0.1:53"
 								# protocol, "both", "both4", "both6", "udp", "udp4", "udp6" or "tcp", "tcp4", "tcp6"
 								protocol = "both"
-												Make ACME cache directory location configurable (#81)

* Remove trailing whitespace from README and config

* Make ACME cache directory location configurable

											
										
										
											2018-05-14 17:42:39 +07:00
+								# domain name to serve the requests off of
-												Initial commit, PoC quality

											
										
										
											2016-11-11 21:48:00 +07:00
+								domain = "auth.example.org"
-												Make ACME cache directory location configurable (#81)

* Remove trailing whitespace from README and config

* Make ACME cache directory location configurable

											
										
										
											2018-05-14 17:42:39 +07:00
+								# zone name server
-												 fix inconsistency between README and actual config (#114)

* fix inconsistency between README and actual config

* clarify example config in sync w/ config.cfg

											
										
										
											2018-09-28 04:46:07 +07:00
+								nsname = "auth.example.org"
-												Documentation updates to config file.

											
										
										
											2016-12-02 23:14:02 +07:00
+								# admin email address, where @ is substituted with .
-												Initial commit, PoC quality

											
										
										
											2016-11-11 21:48:00 +07:00
+								nsadmin = "admin.example.org"
-												Documentation updates to config file.

											
										
										
											2016-12-02 23:14:02 +07:00
+								# predefined records served in addition to the TXT
-												Moved static records to more intuitive place

											
										
										
											2016-11-15 14:27:34 +07:00
+								records = [
-												 fix inconsistency between README and actual config (#114)

* fix inconsistency between README and actual config

* clarify example config in sync w/ config.cfg

											
										
										
											2018-09-28 04:46:07 +07:00
+								    # domain pointing to the public IP of your acme-dns server
 								    "auth.example.org. A 198.51.100.1",
 								    # specify that auth.example.org will resolve any *.auth.example.org records
 								    "auth.example.org. NS auth.example.org.",
-												Moved static records to more intuitive place

											
										
										
											2016-11-15 14:27:34 +07:00
+								]
-												Added CORS support

											
										
										
											2016-11-16 19:56:49 +07:00
+								# debug messages from CORS etc
 								debug = false
-												Moved static records to more intuitive place

											
										
										
											2016-11-15 14:27:34 +07:00
-												Added PostgreSQL support

											
										
										
											2016-11-17 22:52:55 +07:00
+								[database]
 								# Database engine to use, sqlite3 or postgres
 								engine = "sqlite3"
 								# Connection string, filename for sqlite3 and postgres://$username:$password@$host/$db_name for postgres
-												Docker instructions and configuration (#33)

* Added dockerfile

* Docker configuration

* Added Docker images, composer configuration and documentation

											
										
										
											2018-01-22 17:35:07 +07:00
+								# Please note that the default Docker image uses path /var/lib/acme-dns/acme-dns.db for sqlite3
-												Fix the default configuration SQLite db path (#143)


											
										
										
											2019-02-01 14:55:26 +07:00
+								connection = "/var/lib/acme-dns/acme-dns.db"
-												Added PostgreSQL support

											
										
										
											2016-11-17 22:52:55 +07:00
+								# connection = "postgres://user:password@localhost/acmedns_db"
-												Initial commit, PoC quality

											
										
										
											2016-11-11 21:48:00 +07:00
-												Refactoring, alpha v0.1

											
										
										
											2016-11-13 19:50:44 +07:00
+								[api]
-												Go 1.9 and Iris v8, added possibility to bind to IP (#15)


											
										
										
											2017-11-13 04:40:15 +07:00
+								# listen ip eg. 127.0.0.1
-												Docker instructions and configuration (#33)

* Added dockerfile

* Docker configuration

* Added Docker images, composer configuration and documentation

											
										
										
											2018-01-22 17:35:07 +07:00
+								ip = "0.0.0.0"
-												Add configuration option to disable registration endpoint (#51)


											
										
										
											2018-03-15 04:35:39 +07:00
+								# disable registration endpoint
 								disable_registration = false
-												Refactoring, alpha v0.1

											
										
										
											2016-11-13 19:50:44 +07:00
+								# listen port, eg. 443 for default HTTPS
-												Migrate over to certmagic from using autocert (#190)

* Use certmagic for challenge validation

* WIP

* Get the correct key

* Override preflight check logic

* Fix logging for imported packages and tidy config.cfg

* Fix test and add docstrings

* Update README

											
										
										
											2019-10-21 02:52:19 +07:00
+								port = "443"
 								# possible values: "letsencrypt", "letsencryptstaging", "cert", "none"
 								tls = "letsencryptstaging"
-												Initial commit, PoC quality

											
										
										
											2016-11-11 21:48:00 +07:00
+								# only used if tls = "cert"
 								tls_cert_privkey = "/etc/tls/example.org/privkey.pem"
 								tls_cert_fullchain = "/etc/tls/example.org/fullchain.pem"
-												Make ACME cache directory location configurable (#81)

* Remove trailing whitespace from README and config

* Make ACME cache directory location configurable

											
										
										
											2018-05-14 17:42:39 +07:00
+								# only used if tls = "letsencrypt"
 								acme_cache_dir = "api-certs"
-												Add support for LE expiration notification e-mails on API cert (#227)


											
										
										
											2021-01-11 19:35:54 +07:00
+								# optional e-mail address to which Let's Encrypt will send expiration notices for the API's cert
 								notification_email = ""
-												Added CORS support

											
										
										
											2016-11-16 19:56:49 +07:00
+								# CORS AllowOrigins, wildcards can be used
 								corsorigins = [
-												Added PostgreSQL support

											
										
										
											2016-11-17 22:52:55 +07:00
+								    "*"
-												Added CORS support

											
										
										
											2016-11-16 19:56:49 +07:00
+								]
-												Added config option to check for a header value for clinet IP

											
										
										
											2016-12-02 22:04:16 +07:00
+								# use HTTP header to get the client ip
 								use_header = false
 								# header name to pull the ip address / list of ip addresses from
 								header_name = "X-Forwarded-For"
-												Refactoring, alpha v0.1

											
										
										
											2016-11-13 19:50:44 +07:00
 								[logconfig]
-												Logging changes

											
										
										
											2016-11-23 21:42:39 +07:00
+								# logging level: "error", "warning", "info" or "debug"
-												Refactoring, alpha v0.1

											
										
										
											2016-11-13 19:50:44 +07:00
+								loglevel = "debug"
-												Went logrus

											
										
										
											2016-11-26 20:42:35 +07:00
+								# possible values: stdout, TODO file & integrations
-												Refactoring, alpha v0.1

											
										
										
											2016-11-13 19:50:44 +07:00
+								logtype = "stdout"
-												Went logrus

											
										
										
											2016-11-26 20:42:35 +07:00
+								# file path for logfile TODO
 								# logfile = "./acme-dns.log"
-												Make ACME cache directory location configurable (#81)

* Remove trailing whitespace from README and config

* Make ACME cache directory location configurable

											
										
										
											2018-05-14 17:42:39 +07:00
+								# format, either "json" or "text"
-												Went logrus

											
										
										
											2016-11-26 20:42:35 +07:00
+								logformat = "text"