Compare commits
8 Commits
13ede8ea87
...
3109ff8d9c
| Author | SHA1 | Date |
|---|---|---|
aptalca
|
3109ff8d9c | |
|
aptalca
|
4239dc22d4 | |
LinuxServer-CI
|
44c6bd721b | |
|
LinuxServer-CI
|
d4a6be8fad | |
Adam
|
a66b478d1d | |
|
LinuxServer-CI
|
9efac76e25 | |
|
TheSpad
|
23c6384f2c | |
|
TheSpad
|
4b4c103df4 |
|
|
@ -104,6 +104,7 @@ RUN \
|
|||
certbot-dns-domeneshop \
|
||||
certbot-dns-dreamhost \
|
||||
certbot-dns-duckdns \
|
||||
certbot-dns-dynudns \
|
||||
certbot-dns-freedns \
|
||||
certbot-dns-gehirn \
|
||||
certbot-dns-glesys \
|
||||
|
|
|
|||
|
|
@ -104,6 +104,7 @@ RUN \
|
|||
certbot-dns-domeneshop \
|
||||
certbot-dns-dreamhost \
|
||||
certbot-dns-duckdns \
|
||||
certbot-dns-dynudns \
|
||||
certbot-dns-freedns \
|
||||
certbot-dns-gehirn \
|
||||
certbot-dns-glesys \
|
||||
|
|
|
|||
|
|
@ -227,7 +227,7 @@ Containers are configured using parameters passed at runtime (such as those abov
|
|||
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
||||
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
||||
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
||||
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
||||
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
||||
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
||||
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
||||
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
||||
|
|
@ -400,7 +400,9 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
|||
|
||||
## Versions
|
||||
|
||||
* **23.03.24:** - Fix perms on the generated `priv-fullchain-bundle.pem`.
|
||||
* **14.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38.
|
||||
* **11.03.24:** - Restore support for DynuDNS using `certbot-dns-dynudns`.
|
||||
* **06.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf.
|
||||
* **04.03.24:** - Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`.
|
||||
* **23.01.24:** - Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate.
|
||||
|
|
|
|||
|
|
@ -23,8 +23,8 @@ azure-mgmt-core 1.4.0 python
|
|||
azure-mgmt-dns 8.1.0 python
|
||||
bash 5.2.21-r0 apk
|
||||
beautifulsoup4 4.12.3 python
|
||||
boto3 1.34.64 python
|
||||
botocore 1.34.64 python
|
||||
boto3 1.34.69 python
|
||||
botocore 1.34.69 python
|
||||
brotli-libs 1.1.0-r1 apk
|
||||
bs4 0.0.2 python
|
||||
busybox 1.36.1-r15 apk
|
||||
|
|
@ -51,6 +51,7 @@ certbot-dns-do 0.31.0 python
|
|||
certbot-dns-domeneshop 0.2.9 python
|
||||
certbot-dns-dreamhost 1.0 python
|
||||
certbot-dns-duckdns 1.3 python
|
||||
certbot-dns-dynudns 0.0.6 python
|
||||
certbot-dns-freedns 0.1.0 python
|
||||
certbot-dns-gehirn 2.9.0 python
|
||||
certbot-dns-glesys 2.1.0 python
|
||||
|
|
@ -114,9 +115,9 @@ gnupg-keyboxd 2.4.4-r0 apk
|
|||
gnupg-utils 2.4.4-r0 apk
|
||||
gnupg-wks-client 2.4.4-r0 apk
|
||||
gnutls 3.8.3-r0 apk
|
||||
google-api-core 2.17.1 python
|
||||
google-api-python-client 2.122.0 python
|
||||
google-auth 2.28.2 python
|
||||
google-api-core 2.18.0 python
|
||||
google-api-python-client 2.123.0 python
|
||||
google-auth 2.29.0 python
|
||||
google-auth-httplib2 0.2.0 python
|
||||
googleapis-common-protos 1.63.0 python
|
||||
gpg 2.4.4-r0 apk
|
||||
|
|
@ -148,7 +149,7 @@ libcurl 8.5.0-r0 apk
|
|||
libdav1d 1.3.0-r1 apk
|
||||
libedit 20230828.3.1-r3 apk
|
||||
libevent 2.1.12-r7 apk
|
||||
libexpat 2.6.0-r0 apk
|
||||
libexpat 2.6.2-r0 apk
|
||||
libffi 3.4.4-r3 apk
|
||||
libgcc 13.2.1_git20231014-r0 apk
|
||||
libgcrypt 1.10.3-r0 apk
|
||||
|
|
@ -202,7 +203,7 @@ marshmallow 3.21.1 python
|
|||
memcached 1.6.22-r0 apk
|
||||
mock 5.1.0 python
|
||||
mpdecimal 2.5.1-r2 apk
|
||||
msal 1.27.0 python
|
||||
msal 1.28.0 python
|
||||
msal-extensions 1.1.0 python
|
||||
musl 1.2.4_git20230717-r4 apk
|
||||
musl-utils 1.2.4_git20230717-r4 apk
|
||||
|
|
@ -297,6 +298,7 @@ pkb-client 1.2 python
|
|||
popt 1.19-r3 apk
|
||||
portalocker 2.8.2 python
|
||||
procps-ng 4.0.4-r0 apk
|
||||
proto-plus 1.23.0 python
|
||||
protobuf 4.25.3 python
|
||||
publicsuffixlist 0.9.4 python
|
||||
pyOpenSSL 24.1.0 python
|
||||
|
|
@ -330,7 +332,7 @@ soupsieve 2.5 python
|
|||
sqlite-libs 3.44.2-r0 apk
|
||||
ssl_client 1.36.1-r15 apk
|
||||
tiff 4.6.0-r0 apk
|
||||
tldextract 5.1.1 python
|
||||
tldextract 5.1.2 python
|
||||
typing-inspect 0.9.0 python
|
||||
typing_extensions 4.10.0 python
|
||||
tzdata 2024a-r0 apk
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ opt_param_usage_include_env: true
|
|||
opt_param_env_vars:
|
||||
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
||||
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
||||
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
||||
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
||||
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
||||
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
||||
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
||||
|
|
@ -168,7 +168,9 @@ app_setup_block: |
|
|||
|
||||
# changelog
|
||||
changelogs:
|
||||
- { date: "23.03.24:", desc: "Fix perms on the generated `priv-fullchain-bundle.pem`." }
|
||||
- { date: "14.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38." }
|
||||
- { date: "11.03.24:", desc: "Restore support for DynuDNS using `certbot-dns-dynudns`." }
|
||||
- { date: "06.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf." }
|
||||
- { date: "04.03.24:", desc: "Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`." }
|
||||
- { date: "23.01.24:", desc: "Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate." }
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
# Instructions: https://github.com/DustyRah/certbot-dns-dynudns
|
||||
# Replace with your API token from your dynudns account.
|
||||
dns_dynu_auth_token = AbCbASsd!@34
|
||||
|
|
@ -5,4 +5,5 @@ cd /config/keys/letsencrypt || exit 1
|
|||
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
|
||||
sleep 1
|
||||
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem
|
||||
chmod 600 priv-fullchain-bundle.pem
|
||||
chown -R abc:abc /config/etc/letsencrypt
|
||||
|
|
|
|||
Loading…
Reference in New Issue