Internet.nl icon indicating copy to clipboard operation
Internet.nl copied to clipboard
verified publisher icon internetstandards

Add documentation about LETSENCRYPT_EMAIL + update our production env

Open bwbroersma opened this issue 1 year ago • 2 comments

One could easily setup Let's Encrypt (LE) without providing LETSENCRYPT_EMAIL, which would result in running certbot with --register-unsafely-without-email: https://github.com/internetstandards/Internet.nl/blob/86b39d62f89a916823792852d8040fb84f4c60a8/docker/webserver/certbot.sh#L11-L15

The result is that no expiration emails would be send by LE. I think this should not be a preferred option for production stuff, but maybe this is preferred for testing/etc., but then it should have this check in it too?

bwbroersma avatar Feb 07 '24 13:02 bwbroersma

I think it's nice to allow it in any non-production setting. Enabling it for too many situations may also lead to expiry warning fatigue?

mxsasha avatar Feb 07 '24 15:02 mxsasha

Decided it's just a documentation issue + update our own production env configuration.

bwbroersma avatar Feb 20 '24 11:02 bwbroersma