{"id":702,"date":"2022-02-26T18:54:41","date_gmt":"2022-02-26T17:54:41","guid":{"rendered":"http:\/\/daisy-street.fr\/?p=702"},"modified":"2022-03-02T12:09:45","modified_gmt":"2022-03-02T11:09:45","slug":"ssl-pour-le-home-lab","status":"publish","type":"post","link":"https:\/\/daisy-street.fr\/index.php\/2022\/02\/26\/ssl-pour-le-home-lab\/","title":{"rendered":"SSL pour le home lab"},"content":{"rendered":"\n<p><a href=\"https:\/\/myhomelab.gr\/linux\/2019\/12\/13\/local-ca-setup.html\">https:\/\/myhomelab.gr\/linux\/2019\/12\/13\/local-ca-setup.html<\/a><\/p>\n\n\n\n<p>Mon domain : daisy-street.fr<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Pihole<\/h2>\n\n\n\n<p>configuration du dns pihole 192.168.1.50<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"647\" height=\"330\" data-attachment-id=\"708\" data-permalink=\"https:\/\/daisy-street.fr\/index.php\/2022\/02\/26\/ssl-pour-le-home-lab\/image-24\/\" data-orig-file=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image.png\" data-orig-size=\"647,330\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"image\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-300x153.png\" data-large-file=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image.png\" src=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image.png\" alt=\"\" class=\"wp-image-708\" srcset=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image.png 647w, https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-300x153.png 300w\" sizes=\"auto, (max-width: 647px) 100vw, 647px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"709\" height=\"502\" data-attachment-id=\"709\" data-permalink=\"https:\/\/daisy-street.fr\/index.php\/2022\/02\/26\/ssl-pour-le-home-lab\/image-1-4\/\" data-orig-file=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-1.png\" data-orig-size=\"709,502\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"image-1\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-1-300x212.png\" data-large-file=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-1.png\" src=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-1.png\" alt=\"\" class=\"wp-image-709\" srcset=\"https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-1.png 709w, https:\/\/daisy-street.fr\/wp-content\/uploads\/2022\/02\/image-1-300x212.png 300w\" sizes=\"auto, (max-width: 709px) 100vw, 709px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Renvoyer les serveurs sur le dns\/dhcp pihole<\/h2>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>nano \/etc\/netplan\/00-installer-config.yaml\nnano \/etc\/resolv.conf\nnano \/etc\/hostname\n<\/code><\/pre><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Installer traefik <\/h2>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Put Wildcard Certificates and SSL on EVERYTHING - Traefik + Portainer Tutorial\" width=\"525\" height=\"295\" src=\"https:\/\/www.youtube.com\/embed\/liV3c9m_OX8?start=13&#038;feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">docker-compose.yml<\/h3>\n\n\n\n<p>Generer password traefik<\/p>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>sudo apt install apache2-utils\necho $(htpasswd -nb &lt;USER&gt; &lt;PASSWORD&gt;) | sed -e s\/\\\\$\/\\\\$\\\\$\/g\n<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>    volumes:\n      - \/SystemSvg\/VM_109\/traefik\/data\/traefik.yml:\/traefik.yml:ro\n      - \/SystemSvg\/VM_109\/traefik\/data\/acme.json:\/acme.json\n      - \/SystemSvg\/VM_109\/traefik\/data\/config.yml:\/config.yml:ro\n    labels:\n      - &quot;traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.daisy-street.fr`)&quot;\n      - &quot;traefik.http.middlewares.traefik-auth.basicauth.users=&lt;USER&gt;:&lt;HASHED-PASSWORD&gt;&quot;\n      - &quot;traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.daisy-street.fr`)&quot;<\/code><\/pre><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Configurer SSL<\/h2>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>openssl genrsa -des3 -out root.key 2048<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>david@legion2:\/SystemSvg\/clersa$ openssl req -x509 -new -nodes -key root.key -sha256 -days 7200 -out root.pem\nEnter pass phrase for root.key:\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter &#39;.&#39;, the field will be left blank.\n-----\nCountry Name (2 letter code) [AU]:FR\nState or Province Name (full name) [Some-State]:Hauts-de-Seine\nLocality Name (eg, city) []:Antony\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:Homelab\nOrganizational Unit Name (eg, section) []:IT\nCommon Name (e.g. server FQDN or YOUR name) []:DaisyStreet HomeLab Authority\nEmail Address []:\ndavid@legion2:\/SystemSvg\/clersa$\n<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>openssl genrsa -out wildcard.homelab.home.key 2048<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>nano opensslsan.cnf\n\n[req]\ndistinguished_name = req_distinguished_name\nreq_extensions = v3_req\nprompt = no\n[req_distinguished_name]\nC = FR\nST = Hauts-de-Seine\nL = Antony\nO = Wildcard Homelab Inc\nOU = IT\nCN = *.homelab.home\n[v3_req]\nkeyUsage = keyEncipherment, dataEncipherment\nextendedKeyUsage = serverAuth\nsubjectAltName = @alt_names\n[alt_names]\nDNS.1 = *.homelab.home\n<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>openssl req -new -out wildcard.homelab.home.csr \\\n-key wildcard.homelab.home.key \\\n-config opensslsan.cnf<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>openssl x509 -req -in wildcard.homelab.home.csr \\\n-CA root.pem \\\n-CAkey root.key \\\n-CAcreateserial \\\n-out wildcard.homelab.home.crt \\\n-days 7200 \\\n-sha256 \\\n-extensions v3_req \\\n-extfile opensslsan.cnf<\/code><\/pre><\/div>\n","protected":false},"excerpt":{"rendered":"<p>https:\/\/myhomelab.gr\/linux\/2019\/12\/13\/local-ca-setup.html Mon domain : daisy-street.fr Pihole configuration du dns pihole 192.168.1.50 Renvoyer les serveurs sur le dns\/dhcp pihole Installer traefik docker-compose.yml Generer password traefik Configurer SSL<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ub_ctt_via":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[1],"tags":[100,98,99,97,96],"class_list":["post-702","post","type-post","status-publish","format-standard","hentry","category-non-classe","tag-domain","tag-key","tag-lan","tag-root","tag-ssl"],"jetpack_publicize_connections":[],"featured_image_src":null,"author_info":{"display_name":"admin9483","author_link":"https:\/\/daisy-street.fr\/index.php\/author\/admin9483\/"},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/posts\/702","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/comments?post=702"}],"version-history":[{"count":7,"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/posts\/702\/revisions"}],"predecessor-version":[{"id":728,"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/posts\/702\/revisions\/728"}],"wp:attachment":[{"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/media?parent=702"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/categories?post=702"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/daisy-street.fr\/index.php\/wp-json\/wp\/v2\/tags?post=702"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}