docker-flow-proxy-letsencrypt icon indicating copy to clipboard operation
docker-flow-proxy-letsencrypt copied to clipboard

Published 20 hours ago verified publisher icon n1b0r

Simplification of the setup

Open Vad1mo opened this issue 7 years ago • 9 comments

Why not providing an option to simplify the setup when com.df.serviceDomainm == com.df.letsencrypt.host one could omit the letsencrypt.host.

Vad1mo avatar Dec 25 '17 22:12 Vad1mo

You right, do you want to submit a pull request ?

n1b0r avatar Dec 26 '17 17:12 n1b0r

Would like too, but I am not a py expert and not trying to dive into it. I am just contributing by improving the UX from experience 😎

Vad1mo avatar Dec 28 '17 19:12 Vad1mo

@n1b0r if nobody is working on it, maybe I'd try once again. :)

vnkmpf avatar Dec 30 '17 21:12 vnkmpf

@vnkmpf ok :)

n1b0r avatar Jan 02 '18 06:01 n1b0r

Good news - I think I have it's done now, but need to test it. Probably this weekend :)

vnkmpf avatar Jan 12 '18 23:01 vnkmpf

if you can create an test image, I can also do some testing and contribute my part

Vad1mo avatar Jan 13 '18 23:01 Vad1mo

So I tested it, and it seems to work. Although I tested even with original version, I would still like to get it confirmed from @n1b0r : If I use -l com.df.letsencrypt.host=foo.example.com,bar.example.com, there is only one certificate for them generated, right? In my testing case only for foo, and if I got to bar, the cert for foo is served.

Here is info from log:

2018-01-14 23:16:53,493;INFO;letsencrypt support enabled.
2018-01-14 23:16:53,496;INFO;Letsencrypt support enabled, processing request: domains=foo.example.com,bar.example.com [email protected] testing=True
2018-01-14 23:17:04,458;INFO;certificates successfully created using certbot.
2018-01-14 23:17:04,464;INFO;combined certificate generated into "/etc/letsencrypt/live/foo.example.com/combined.pem".
2018-01-14 23:17:04,539;INFO;Request PUT /cert sucessfully send to DFP.
2018-01-14 23:17:04,624;INFO;Request PUT /cert sucessfully send to DFP.

I will push my branch tomorrow, as it's after midnight here now.

Then if @Vad1mo wants to test, you can just checkout, switch to the concrete branch and run docker build -t my-dfple .. Then rewrite your docker-compose file to use my-dfple image and happy testing :)

vnkmpf avatar Jan 14 '18 23:01 vnkmpf

@vnkmpf yes only one cert will be generated by certbot and dpfle will deal with it (IIRC it will create symlink for each requested cert in the webroot path).

I ill try to test it asap and produce a test image if I have time.

Thanks for your time guys.

n1b0r avatar Jan 15 '18 05:01 n1b0r

Yup, you're right. Now I checked and it's symlinked. Just now created a merge request. I hope it'll work alright :)

vnkmpf avatar Jan 15 '18 17:01 vnkmpf