jack/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/roles
History
jack 0496e9ab61
Some checks failed
CI/CD / syntax-check (push) Successful in 43s
Details
CI/CD / deploy (push) Failing after 48s
Details
feat: wildcard TLS certificate *.csrx.ru via Cloudflare DNS-01 
Add tls.stores.default.defaultGeneratedCert in dynamic config:
- Traefik requests one *.csrx.ru + csrx.ru SAN cert via DNS-01
- All existing and future subdomains use this single cert
- No per-service cert issuance wait when adding new services
- Cert auto-renewed by Traefik ~30 days before expiry

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-22 04:13:42 +07:00
..
backup feat: Timeweb S3 offsite backup uploads 2026-03-22 03:58:58 +07:00
base fix: allow Docker bridge networks through UFW for runner + add unattended-upgrades 2026-03-22 04:11:39 +07:00
docker feat: Cloudflare DNS-01 ACME + Docker hardening + sysctl 2026-03-22 04:06:46 +07:00
services feat: wildcard TLS certificate *.csrx.ru via Cloudflare DNS-01 2026-03-22 04:13:42 +07:00