From 64ca11c10b146cfaad4998b37acf1b0e7f4612fd Mon Sep 17 00:00:00 2001
From: Czechman
Date: Mon, 5 Dec 2022 00:32:51 +0100
Subject: [PATCH] versuch auf cz.mcseeno.de zu wechseln inkl. certs
---
 config/certs/_wildcard__cz_mcseeno_de.crt | 21 ++++++++++++++++++
 config/certs/cz_mcseeno_de.key | 27 +++++++++++++++++++++++
 config/fileconf/dynamic.yml | 3 +++
 config/fileconf/file.toml | 15 ++++++++-----
 config/traefik.toml | 3 ++-
 docker-compose.traefik.v2x.yml | 1 +
 6 files changed, 64 insertions(+), 6 deletions(-)
 create mode 100644 config/certs/_wildcard__cz_mcseeno_de.crt
 create mode 100644 config/certs/cz_mcseeno_de.key
diff --git a/config/certs/_wildcard__cz_mcseeno_de.crt b/config/certs/_wildcard__cz_mcseeno_de.crt
new file mode 100644
index 0000000..62eaa7b
--- /dev/null
+++ b/config/certs/_wildcard__cz_mcseeno_de.crt
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDYjCCAkqgAwIBAgIEDFnwZjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDDA8q +LmN6Lm1jc2Vlbm8uZGUwHhcNMjIxMjA0MjMwODE2WhcNMjMxMjA0MjMwODE2WjAa +MRgwFgYDVQQDDA8qLmN6Lm1jc2Vlbm8uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDXjkkL1//t5GdGe6Tpk1blIcv93zCFa13KrIddYSJZE6Zdf98P +fo4QwH5zXQ4XgQ29bUPyR24AWtEqCvojt3lxu44ptDxMOJzlXaasUD78LDjMS6Ay +vAvfc9Bv3YQMj0W9NhYWFOLKFfKwjDKRDyiRLqv3mcGieiQ393obzINUdLt5wUMK +0PZ5ElSJfWLAIxjUjwgfQhHec101rKwx6pFrXDHjx+YneiPHxeFwWMphkXFFdo3s +jfVFySczlQbDNtzOI3x/GYfS1ugsogUafQK+qcH6TNq/KyAOM57SOCHAwngOOGhn +gGeBzhnv6syoyvn4mk+m+NryywemHl4En6hvAgMBAAGjga8wgawwHQYDVR0OBBYE +FC9aVH8c+dG6TLycFNTaFx9M6YKtMAkGA1UdEwQCMAAwRQYDVR0jBD4wPIAUL1pU +fxz50bpMvJwU1NoXH0zpgq2hHqQcMBoxGDAWBgNVBAMMDyouY3oubWNzZWVuby5k +ZYIEDFnwZjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGgYDVR0RBBMw +EYIPKi5jei5tY3NlZW5vLmRlMA0GCSqGSIb3DQEBCwUAA4IBAQDKK6rWTYjyiYEG +Sn3LtpnKr5hZ1K9rhzUUxQ5aMVwaNerXEKf83JPX6I7J3AlmxefWxzEp6pv9FYny +o+sY2tHgbncXPUIkAZW1LDznd6gK+N9CmNiSUCuZaigtfavk3V/eNBc08Pcjc8Ky +TJC1ba9xSKCyCODWM/WezANB0jHmef28kmxLt+nxKEMi2Kx2skRN91+cYuFuIIqI +rlMEdNZlYM88ch0OGqRouYfQe/7zksytUxOtE39l1QSIJuqMrwBy4NYvHpOAEWSd +5vGJo3JB1aGgAtYwwGxYMUSMVJjSYFE6hUSRC+Uqvh8mEuz9x3syWIYpQjhHxI8C +Xdtynpg8 +-----END CERTIFICATE----- \ No newline at end of file diff --git a/config/certs/cz_mcseeno_de.key b/config/certs/cz_mcseeno_de.key new file mode 100644 index 0000000..6b8c11f --- /dev/null +++ b/config/certs/cz_mcseeno_de.key 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA145JC9f/7eRnRnuk6ZNW5SHL/d8whWtdyqyHXWEiWROmXX/f +D36OEMB+c10OF4ENvW1D8kduAFrRKgr6I7d5cbuOKbQ8TDic5V2mrFA+/Cw4zEug +MrwL33PQb92EDI9FvTYWFhTiyhXysIwykQ8okS6r95nBonokN/d6G8yDVHS7ecFD +CtD2eRJUiX1iwCMY1I8IH0IR3nNdNaysMeqRa1wx48fmJ3ojx8XhcFjKYZFxRXaN +7I31RcknM5UGwzbcziN8fxmH0tboLKIFGn0CvqnB+kzavysgDjOe0jghwMJ4Djho +Z4Bngc4Z7+rMqMr5+JpPpvja8ssHph5eBJ+obwIDAQABAoIBACFQo2eKNcr9vxx8 +patYE1kMlSuioCwuwOs/KRi8l4Nu7wqKZd5OMATUy3ZnDnOBha8eQR8j/RNe9e7q +jWiRxdpXI4y8h4k8QruMcuM079cnuouQsKzGtYsOqktv0CXkyuGIh3dYOQkExWKV ++IbE8f8mWHvHLs8+03Q28o9zV2To8P56AeiAMY6Id2VUODoJVjM+djhi5sXY895d +njTd7ILfOAXW2hIsO55+5ka8Vff/FshSa9wyOZcsEgBh0pPd6c3TqVaDyj1GC3my +2hYNGodOdkKeyUgOdbz7yD7G34yYg1BZqupJQffl8uYnA1i8He5Fprz8czxpxBrE +mrFE3sECgYEA+xlBrG4Gms5LDb0I/ryuf6O2tOzFN/hp1ldBBDyZrfQ2Z10NENLN +ZqMnIbY67+HwmMrhRhhuGmwgC96qACdSzwrcMJ2BauwADKTTzJhiNwlE2JxJF+/a +9hordKrQpfmMLtRJlkQrWnpvLJvOjnulQIgh1RBLAURCZnXcouaUYg8CgYEA28Nr +sCBWwOVwT4X5q+lVTaHafKAFoT2eUmRcOXk3rktN2l8g8UID0Br6RY/X06qKwwLH +hUd/eMB/C+c1TpjYdhmtrVVLkHPi1/+lfAru4VUtKw1dQjHP9EkQzXXNE5zADoSx +mcDCZ6hEWA7WK7uUaFNKLTvw2JK7d8A/+bLrM6ECgYEA3Lkp4rHg+mnGze/SnWIs +niTCMa5D+txR5MlUbK38hU48GIZSOuyjA8r9VgQDMOTSgu0sM1q8Rluvm9+CXpoy +j69DOTTrE5savAKT77Av/aMXMrXHBtSgDF+avXZ97Lg9Qtj3SrDnzyP64CKh4tvL +ursvykQFOrrPB5Qpe8TmwH8CgYAPDmJwXKbU7GM3b4xddMz9VptrcmMwWtJf/rQ6 +0802yb35ug69uLIeLdr7rREyVTrQhX456V4YXcfWfu6uBda+sJ+vgmp86ROfjMo/ +p1gaZAWGL5I2GMeQivj1up5kO5cE555rVEN9ao/UIKAXuvA9/YbVdofXrqXdXHSF +nPZ0QQKBgF1ukcHyTxezsho0VB1oDkFJYWgz4Fw5owga/Nr5nUgQrg2TC7HF916D +H2F5m8c9hicPDxFIkxv/6uswCjnhwdDzkIh3zu7yNiO+u5yfDjgepwYj2lYXA1AH +egVbpCeKnjk9cBKtseFF1Np/jKEhctwai8W/dE/uX2Qjh5ggCer/ +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/config/fileconf/dynamic.yml b/config/fileconf/dynamic.yml index 0345cb9..db02ca5 100644 --- a/config/fileconf/dynamic.yml +++ b/config/fileconf/dynamic.yml 
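Review bot: The RSA private key for the wildcard certificate added alongside it is committed in plaintext as `config/certs/cz_mcseeno_de.key`, so everyone with read access to the repository or its history holds the key that this commit wires into Traefik as `keyFile`. Treat this key as compromised: issue a new key pair and certificate, and provision the key on the host or through a secret store instead of version control, for example with `config/certs/*.key` in `.gitignore`. Deleting the file in a later commit would not be enough, because the key stays retrievable from history.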
@@ -1,4 +1,7 @@
 tls:
+ certificates:
+ - certFile: /etc/traefik/certs/_wildcard__cz_mcseeno_de.crt
+ keyFile: /etc/traefik/certs/cz_mcseeno_de.key
 options:
 default:
 minVersion: VersionTLS12
diff --git a/config/fileconf/file.toml b/config/fileconf/file.toml
index dfd324e..b1ff2d1 100644
--- a/config/fileconf/file.toml
+++ b/config/fileconf/file.toml
@@ -1,12 +1,14 @@
 [http.routers.utk]
- rule = "Host(`utk.czechman.dynvpn.de`) && PathPrefix(`/`)"
+ rule = "Host(`utk.cz.mcseeno.de`) && PathPrefix(`/`)"
+# rule = "Host(`utk.czechman.dynvpn.de`) && PathPrefix(`/`)"
 middlewares = ["utk"]
 service = "service-utk"
 [http.routers.utk.tls]
 certResolver = "myresolver"
 [https.routers.utk]
- rule = "Host(`utk.czechman.dynvpn.de`) && PathPrefix(`/`)"
+ rule = "Host(`utk.cz.mcseeno.de`) && PathPrefix(`/`)"
+# rule = "Host(`utk.czechman.dynvpn.de`) && PathPrefix(`/`)"
 middlewares = ["utk"]
 service = "service-utk"
@@ -27,7 +29,8 @@
 browserXSSFilter = true
 contentTypeNosniff = true
 forceSTSHeader = true
- SSLHost = "czechman.dynvpn.de"
+ SSLHost = "cz.mcseeno.de"
+# SSLHost = "czechman.dynvpn.de"
 STSIncludeSubdomains = true
 STSPreload = true
 customFrameOptionsValue = "SAMEORIGIN"
@@ -41,10 +44,12 @@
 browserXSSFilter = true
 contentTypeNosniff = true
 forceSTSHeader = true
- SSLHost = "czechman.dynvpn.de"
+ SSLHost = "cz.mcseeno.de"
+# SSLHost = "czechman.dynvpn.de"
 STSIncludeSubdomains = true
 STSPreload = true
 customFrameOptionsValue = "SAMEORIGIN"
 [https.middlewares.utk.headers.customResponseHeaders]
 X-Custom-Response-Header = "Strict-Transport-Security:15552000"
-
+ [https.middlewares.mcauth.basicauth]
+ users = ["McSeeno:$$2y$$13$$maYBYazCRDGmcKdSy/QA0eWBUEIpobxcUy.z68fnifcpoCqWm18wW"]
diff --git a/config/traefik.toml b/config/traefik.toml
index abf24d3..b662fd3 100644
--- a/config/traefik.toml
+++ b/config/traefik.toml
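Review bot: The `users` entry added under `[https.middlewares.mcauth.basicauth]` in the last `file.toml` hunk doubles every `$` of the bcrypt hash. That escaping belongs to docker-compose label values; in a file-provider TOML string `$$` is literal, so the stored value is most likely not a valid hash and no password would verify against it. Use single `$` signs, or keep the credential out of the repository altogether with `usersFile = "<path to an htpasswd file outside the repository>"`, since a committed hash can be guessed against offline by anyone who can read the repo. The table also sits under `https.` like the existing blocks, whereas Traefik's HTTP dynamic configuration is rooted at `http.`, and no router in the visible hunks references `mcauth`, so it is worth confirming that this middleware is loaded and applied at all.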
@@ -43,7 +43,8 @@
 [http.routers.docker.tls]
 certResolver = "myresolver"
 [[http.routers.docker.tls.domains]]
- main = "czechman.dynvpn.de"
+ main = "cz.mcseeno.de"
+# main = "czechman.dynvpn.de"
 # sans = ["*.czechman.dynvpn.de"]
diff --git a/docker-compose.traefik.v2x.yml b/docker-compose.traefik.v2x.yml
index bc1a624..e3032d3 100644
--- a/docker-compose.traefik.v2x.yml
+++ b/docker-compose.traefik.v2x.yml
@@ -29,4 +29,5 @@ services:
 - /docker/traefik_v2x/config/traefik.toml:/etc/traefik/traefik.toml
 - /docker/traefik_v2x/config/acme.json:/acme.json
 - /docker/traefik_v2x/config/fileconf:/etc/traefik/fileconf
+ - /docker/traefik_v2x/config/certs:/etc/traefik/certs
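Review bot: The new `certs` bind mount in the `docker-compose.traefik.v2x.yml` hunk is read-write, although the proxy only needs to read the certificate and key from it. Mount it read-only, `- /docker/traefik_v2x/config/certs:/etc/traefik/certs:ro`, so that a compromised container cannot replace the key material on the host. The host directory should also be readable only by the account the container runs as; the volume list continues outside this hunk, so the other mounts were not reviewed.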