Request: add --include/--exclude arguments to specify the domain(s)

[mbegerau]

I would really like to see a feature where I could limit the domains for which the certificates are being dumped.

--include <regex string> (all domains that match the regex string are whitelisted, other domains are being ignored)
--exclude <regex string> (all domains that match the regex string are blacklisted, other domains are being dumped)

I have two cases where I need only a few certificates for a specific task, and now I can ignore the other certificates or rm them manually or in a post-hook. Would be a nice-to-have feature to automatically define the domains in the command arguments.

[Romloader]

I second this, I am dealing with software that doesn't support acme while the traefik instance routes a lot of services.

I would like to be able just to just export a specific certificate that will later be used for that specific use case.

@mbegerau maybe we could use some kind of script inside to copy exactly the one we need on a volume?

[ldez]

One certificate can be obtained for several domains (main and SANs), so filtering on domains will not work as expected: a certificate cannot be split.
And especially a tuple like --include/--exclude.

If, hypothetically, an option is introduced, only one option can exist, and this option should define the domains to export, and if at least one domain (main or SANs) matches the certificate will be exported.

Also, the current implementation already provides one certificate by domain, where the directory name is the main domain.

[Romloader]

Fair enough, I see.

I also just noticed you included the --post-hook flag which would come in hand in my use case, coupled with the --watch flag.

It should be possible to:

1. Create a Docker volume for Traefik to store the acme.json file.
2. Use the same volume to extract certificates (or use a separated volume, up to requirements)
3. Use the hook to copy certificates in a specific volume to be shared with the software that needs certificate files and doesn't support ACME.
4. WIN

(That is, if you reeeeally want to separate everything)
So I think my use case would be fulfilled this way.
How about you mbegerau?

Side note: ldez thanks a lot for maintaining this project! It's so convenient.