自动申请 acme 证书,自动添加 acme 验证路由,证书自动续期
目前只支持通过文本验证来申请单域名证书,暂不支持泛域名证书申请
-
域名解析到 apisix 服务器
-
调用服务
http://${apisix-server}/apisix_acme/task_create自动创建证书 -
每天凌晨会自动检查 30 天内即将过期证书并自动重新申请
可以直接使用 tmaize/apisix-acme 镜像,或者本地构建./build.sh build
services:
# ...
apisix-acme:
image: apisix-acme:1.0.10
restart: always
depends_on:
- apisix
volumes:
- ./apisix_acme_out:/app/src/out
environment:
- TZ=Asia/Shanghai
- VERIFY_TOKEN=custom_token
- SELF_APISIX_HOST=http://apisix-acme:80
- APISIX_HOST=http://apisix:9080
- APISIX_TOKEN=xxxxxxxxxx
- [email protected]
- DING_DING_TOKEN=xxxxxxxxxx
networks:
apisix:-
新增、更新证书
/apisix_acme/task_createdomain 必填,serviceList、mail 可选,VERIFY-TOKEN 可选
POST { "domain": "example.com", "serviceList": [], "mail": "" } HEADER {VERIFY-TOKEN: xxxxxxxxxx}响应
{ "code": 200, "message": "证书已存在且未过期,跳过操作", "data": { "status": "skip", "domain": "example.com" } }{ "code": 200, "message": "证书申请中,等待片刻", "data": { "status": "running", "domain": "example.com" } }{ "code": 200, "message": "任务已提交,等待片刻", "data": { "status": "created", "domain": "example.com" } } -
查询任务
/apisix_acme/task_status请求
GET ?domain=example.com响应
{ "code": 200, "data": { "status": "error", "domain": "example.com", "error": "域名不存在" } }{ "code": 200, "data": { "status": "running", "domain": "example.com" } }{ "code": 200, "data": { "status": "success", "domain": "example.com" } } -
工具页面
/apisix_acme/tool.html