Builds a Docker image from the certbot/certbot base image.

The container will:
- Verify the validity of the certificate
- Using certbot, request a new wildcard certificate for $MAIN_DOMAIN using $EMAIL:
  - manual method
  - DNS challenge
- Automatically add a TXT record at the domain registrar for the certbot challenge, using the $API_KEY and $API_USER env vars
- Wait for $CHALLENGE_TIMEOUT seconds for the DNS changes to propagate
- If validation is successful, restore the original DNS records

- certbot-auth-hook.sh automates the creation of a TXT record. Currently works for namecheap.com; for others, get inspiration from:
- certbot-cleanup-hook.sh automates the deletion of the TXT record created above
- Used:
  - Certbot validation hooks: https://certbot.eff.org/docs/using.html#pre-and-post-validation-hooks
  - jq to manipulate JSON
  - xmlstarlet to manipulate XML
- ./build.sh - build the image
- ./run.sh - test run the image using bash, bypassing the entrypoint script

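
The checks an auth hook can run on its inputs before it calls the registrar API, as an added example that is not the project's certbot-auth-hook.sh. CERTBOT_DOMAIN and CERTBOT_VALIDATION are the variables certbot exports to manual hooks; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not the project's certbot-auth-hook.sh).
# certbot exports CERTBOT_DOMAIN and CERTBOT_VALIDATION to manual hooks;
# MAIN_DOMAIN and CHALLENGE_TIMEOUT are the container's env vars.

# Host label of the challenge record, relative to the zone.
# $1 = domain being validated, $2 = zone (MAIN_DOMAIN)
challenge_host() {
    [ -n "$2" ] || return 1
    d=${1#\*.}                      # tolerate a leading "*." label
    case "$d" in
        "$2")   echo "_acme-challenge" ;;
        *".$2") sub=${d%".$2"}; echo "_acme-challenge.$sub" ;;
        *)      return 1 ;;         # outside the zone this job manages
    esac
}

# A dns-01 TXT value is a base64url SHA-256 digest: 43 chars of [A-Za-z0-9_-].
valid_token() {
    [ "${#1}" -eq 43 ] || return 1
    case "$1" in *[!A-Za-z0-9_-]*) return 1 ;; esac
}

# CHALLENGE_TIMEOUT is passed to sleep: accept positive integers only.
valid_timeout() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -gt 0 ]
}

# Prints "<host> TXT <value> wait=<n>s", or fails before any API call is made.
auth_hook_plan() {
    host=$(challenge_host "${CERTBOT_DOMAIN:-}" "${MAIN_DOMAIN:-}") ||
        { echo "refusing: domain not under MAIN_DOMAIN" >&2; return 1; }
    valid_token "${CERTBOT_VALIDATION:-}" ||
        { echo "refusing: malformed validation value" >&2; return 1; }
    valid_timeout "${CHALLENGE_TIMEOUT:-}" ||
        { echo "refusing: CHALLENGE_TIMEOUT is not a positive integer" >&2; return 1; }
    echo "$host TXT $CERTBOT_VALIDATION wait=${CHALLENGE_TIMEOUT}s"
}

# Runs only when certbot invoked this script as a hook.
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
    auth_hook_plan
fi
```

Rejecting anything outside the expected character set keeps a malformed value from being spliced into the registrar API request, and the zone check stops the job from writing records for a domain it does not manage.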
This can be run in Kubernetes, as a Job

- 2021-06-14 [0.6]:
  - Docker pull on latest certbot image
- 2020-09-23 [0.4]:
  - Removed Kong certificate push, since now Kong is mainly stateless
- 2018-07-24 [0.2]:
  - Added automatic adding and removal of TXT record for validation using namecheap.com APIs
- 2018-07-17 [0.1]:
  - Initial release