ungleich-public
/
ungleich-certbot
6
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Docker container providing nginx/letsencrypt support
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
13 Tags
456 KiB
 
 
Tree: 510028c209
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '510028c209'
${ noResults }
ungleich-certbot/README.md

1.1 KiB
Raw Blame History

ungleich-certbot

This container is made for getting real world certificates for your kubernetes cluster.

The assumption is that you can point the DNS name to the container from outside. This is by default given for IPv6 only kubernetes services.

Usage

  • Set the environment variable DOMAIN to specify the domain for which to get a certificate
  • Set the environment variable EMAIL (this is where letsencrypt sends warnings to)
  • Set the environment variable STAGING to "no" if you want to have proper certificates - this is to prevent you from asking the real letsencrypt service accidently by default
  • By default the container allows world read access to the certificates, so that non-root users can access the certificates. Set the LEAVE_PERMISSIONS_AS_IS environment variable to instruct the container not to change permissions
docker run -e DOMAIN=example.com \
           -e EMAIL=root@example.com \
              ungleich/ungleich-certbot

Volumes

If you want to keep / use your certificates, you are advised to create a volume below /etc/letsencrypt.

Kubernetes

Sample kubernetes usage: (TBD)