Home Explore Help
Register Sign In
lqb
/
nginx-ui
mirror of https://github.com/0xJacky/nginx-ui.git
1
0
Fork 0
Files Issues 0 Wiki
Branch: dev
Branches Tags
nginx-ui
/
internal
/
cert
/
config
/
gcloud.toml

gcloud.toml 2.3 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 
  1. Name = "Google Cloud"
    2. 

  2. Description = ''''''
    3. 

  3. URL = "https://cloud.google.com"
    4. 

  4. Code = "gcloud"
    5. 

  5. Since = "v0.3.0"
    6. 

  6. 

  7. Example = '''
    8. 

  8. # Using a service account file
    9. 

  9. GCE_PROJECT="gc-project-id" \
    10. 

  10. GCE_SERVICE_ACCOUNT_FILE="/path/to/svc/account/file.json" \
    11. 

  11. lego --email you@example.com --dns gcloud -d '*.example.com' -d example.com run
    12. 

  12. 

  13. # Using default credentials with impersonation
    14. 

  14. GCE_PROJECT="gc-project-id" \
    15. 

  15. GCE_IMPERSONATE_SERVICE_ACCOUNT="target-sa@gc-project-id.iam.gserviceaccount.com" \
    16. 

  16. lego --email you@example.com --dns gcloud -d '*.example.com' -d example.com run
    17. 

  17. 

  18. # Using service account key with impersonation
    19. 

  19. GCE_PROJECT="gc-project-id" \
    20. 

  20. GCE_SERVICE_ACCOUNT_FILE="/path/to/svc/account/file.json" \
    21. 

  21. GCE_IMPERSONATE_SERVICE_ACCOUNT="target-sa@gc-project-id.iam.gserviceaccount.com" \
    22. 

  22. lego --email you@example.com --dns gcloud -d '*.example.com' -d example.com run
    23. 

  23. '''
    24. 

  24. 

  25. Additional = '''
    26. 

  26. Supports service account impersonation to access Google Cloud DNS resources across different projects or with restricted permissions.
    27. 

  27. 

  28. When using impersonation, the source service account must have:
    29. 

  29. 1. The "Service Account Token Creator" role on the source service account
    30. 

  30. 2. The "https://www.googleapis.com/auth/cloud-platform" scope
    31. 

  31. '''
    32. 

  32. 

  33. [Configuration]
    34. 

  34.   [Configuration.Credentials]
    35. 

  35.     GCE_PROJECT = "Project name (by default, the project name is auto-detected by using the metadata service)"
    36. 

  36.     'Application Default Credentials' = "[Documentation](https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application)"
    37. 

  37.     GCE_SERVICE_ACCOUNT_FILE = "Account file path"
    38. 

  38.     GCE_SERVICE_ACCOUNT = "Account"
    39. 

  39.   [Configuration.Additional]
    40. 

  40.     GCE_ALLOW_PRIVATE_ZONE = "Allows requested domain to be in private DNS zone, works only with a private ACME server (by default: false)"
    41. 

  41.     GCE_ZONE_ID = "Allows to skip the automatic detection of the zone"
    42. 

  42.     GCE_IMPERSONATE_SERVICE_ACCOUNT = "Service account email to impersonate"
    43. 

  43.     GCE_POLLING_INTERVAL = "Time between DNS propagation check in seconds (Default: 5)"
    44. 

  44.     GCE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation in seconds (Default: 180)"
    45. 

  45.     GCE_TTL = "The TTL of the TXT record used for the DNS challenge in seconds (Default: 120)"
    46. 

  46. 

  47. [Links]
    48. 

  48.   API = "https://cloud.google.com/dns/api/v1/"
    49. 

  49.   GoClient = "https://github.com/googleapis/google-api-go-client"
    50.