certhub-docker-entry¶
Synopsis¶
/usr/local/lib/git-gau/docker-entry.d/60-acme-dns-registration
/usr/local/lib/git-gau/docker-entry.d/60-certbot-account
/usr/local/lib/git-gau/docker-entry.d/60-dehydrated-account
/usr/local/lib/git-gau/docker-entry.d/60-lego-account
Description¶
A collection of docker entrypoint scripts called by git-gau docker-entry via run-parts. Useful to setup preexisting ACME accounts from data passed into a container by environment variables.
Refer to git-gau-docker-entry(8) for more information on the entrypoint scripts shipping with git-gau. Note that for common use cases GAU_REPO should point to the certhub certificate repository.
Environment (acme-dns)¶
It is recommended to specify CERTHUB_ACME_DNS_REGISTRATION
for a
production setup when using joohoi/acme-dns.
- CERTHUB_ACME_DNS_REGISTRATION¶
Contents of the JSON registration file as generated by goacmedns-register which is part of cpu/goacmedns. Note that more than one account can be registered/represented in a single JSON data structure.
- CERTHUB_ACME_DNS_REGISTRATION_FILE¶
Full path to registration json file. Defaults to
${HOME}/acme-dns-registration.json
.
Environment (Certbot)¶
It is recommended to specify CERTHUB_CERTBOT_ACCOUNT_ID
,
CERTHUB_CERTBOT_ACCOUNT_KEY
, CERTHUB_CERTBOT_ACCOUNT_REGR
and CERTHUB_CERTBOT_ACCOUNT_META
for a production setup. The
remaining variables can be ignored in most situations.
- CERTHUB_CERTBOT_ACCOUNT_KEY¶
ACME account private key in JSON format used by certbot. If this variable is non-empty, its contents will be written to private_key.json in the respective accounts directory. Note that either
CERTHUB_CERTBOT_ACCOUNT_ID
orCERTHUB_CERTBOT_ACCOUNT_DIR
is required if this variable is set.
- CERTHUB_CERTBOT_ACCOUNT_REGR¶
ACME account registration information in JSON format used by certbot. If this variable is non-empty, its contents will be written to regr.json in the respective accounts directory. Note that either
CERTHUB_CERTBOT_ACCOUNT_ID
orCERTHUB_CERTBOT_ACCOUNT_DIR
is required if this variable is set.
- CERTHUB_CERTBOT_ACCOUNT_META¶
ACME account meta information in JSON format used by certbot. If this variable is non-empty, its contents will be written to meta.json in the respective accounts directory. Note that either
CERTHUB_CERTBOT_ACCOUNT_ID
orCERTHUB_CERTBOT_ACCOUNT_DIR
is required if this variable is set.
- CERTHUB_CERTBOT_ACCOUNT_ID¶
ACME account id as used by certbot to identify the account in the form of a 32 character long hex string. This is equivalent to the last component of an account directory path.
- CERTHUB_CERTBOT_ACCOUNT_SERVER¶
ACME endpoint URL for the given account. Defaults to: https://acme-v02.api.letsencrypt.org/directory
- CERTHUB_CERTBOT_CONFIG_DIR¶
Base directory for certbot configuration. Defaults to: /etc/letsencrypt.
- CERTHUB_CERTBOT_ACCOUNT_DIR¶
Full path to an accounts directory. Defaults to a value computed from
CERTHUB_CERTBOT_CONFIG_DIR
,CERTHUB_CERTBOT_ACCOUNT_SERVER
andCERTHUB_CERTBOT_ACCOUNT_ID
.
Environment (Dehydrated, DEPRECATED)¶
Warning
certhub-dehydrated-run is deprecated, please switch to another ACME client.
It is recommended to specify CERTHUB_DEHYDRATED_ACCOUNT_KEY
,
CERTHUB_DEHYDRATED_ACCOUNT_REGR
and
CERTHUB_DEHYDRATED_ACCOUNT_ID
for a production setup. The remaining
variables can be ignored in most situations.
- CERTHUB_DEHYDRATED_ACCOUNT_KEY¶
ACME account private key in PEM format used by dehydrated. If this variable is non-empty, its contents will be written to account_key.pem in the respective accounts directory.
- CERTHUB_DEHYDRATED_ACCOUNT_REGR¶
ACME account registration information in JSON format used by dehydrated. If this variable is non-empty, its contents will be written to registration_info.json in the respective accounts directory. set.
- CERTHUB_DEHYDRATED_ACCOUNT_ID¶
ACME account id information in JSON format used by dehydrated. If this variable is non-empty, its contents will be written to account_id.json in the respective accounts directory.
- CERTHUB_DEHYDRATED_ACCOUNT_SERVER¶
ACME endpoint URL for the given account. Defaults to: https://acme-v02.api.letsencrypt.org/directory
- CERTHUB_DEHYDRATED_CONFIG_DIR¶
Base directory for dehydrated configuration. Defaults to: /etc/dehydrated.
- CERTHUB_DEHYDRATED_ACCOUNT_DIR¶
Full path to an accounts directory. Defaults to a value computed from
CERTHUB_DEHYDRATED_CONFIG_DIR
andCERTHUB_DEHYDRATED_ACCOUNT_SERVER
.
Environment (Lego)¶
It is recommended to specify CERTHUB_LEGO_ACCOUNT_EMAIL
CERTHUB_LEGO_ACCOUNT_KEY
and CERTHUB_LEGO_ACCOUNT_CONF
for
a production setup. The remaining variables can be ignored in most situations.
- CERTHUB_LEGO_ACCOUNT_KEY¶
ACME account private key in PEM format used by lego. If this variable is non-empty, its contents will be written to ${CERTHUB_LEGO_ACCOUNT_EMAIL}.key in the respective accounts directory. Note that either
CERTHUB_LEGO_ACCOUNT_EMAIL
orCERTHUB_LEGO_ACCOUNT_KEY_DIR
/CERTHUB_LEGO_ACCOUNT_KEY_FILE
are required if this variable is set.
- CERTHUB_LEGO_ACCOUNT_CONF¶
ACME account registration information in JSON format used by lego. If this variable is non-empty, its contents will be written to account.json in the respective accounts directory. Note that either
CERTHUB_LEGO_ACCOUNT_EMAIL
orCERTHUB_LEGO_ACCOUNT_DIR
/CERTHUB_LEGO_ACCOUNT_CONF_FILE
are required if this variable is set.
- CERTHUB_LEGO_ACCOUNT_EMAIL¶
ACME account email as used by lego to identify the account.
- CERTHUB_LEGO_ACCOUNT_SERVER¶
ACME endpoint URL for the given account. Defaults to: https://acme-v02.api.letsencrypt.org/directory
- CERTHUB_LEGO_DIR¶
Base directory for lego configuration. Defaults to: ${HOME}/.lego.
- CERTHUB_LEGO_ACCOUNT_DIR¶
Full path to an accounts directory. Defaults to a value computed from
CERTHUB_LEGO_DIR
,CERTHUB_LEGO_ACCOUNT_SERVER
andCERTHUB_LEGO_ACCOUNT_EMAIL
.
- CERTHUB_LEGO_ACCOUNT_CONF_FILE¶
Full path to an accounts config file. Defaults to a value computed from
CERTHUB_LEGO_DIR
,CERTHUB_LEGO_ACCOUNT_SERVER
andCERTHUB_LEGO_ACCOUNT_EMAIL
.
- CERTHUB_LEGO_ACCOUNT_KEY_DIR¶
Full path to an accounts key directory. Defaults to a value computed from
CERTHUB_LEGO_DIR
,CERTHUB_LEGO_ACCOUNT_SERVER
andCERTHUB_LEGO_ACCOUNT_EMAIL
.
- CERTHUB_LEGO_ACCOUNT_KEY_FILE¶
Full path to an accounts key file. Defaults to a value computed from
CERTHUB_LEGO_DIR
,CERTHUB_LEGO_ACCOUNT_SERVER
andCERTHUB_LEGO_ACCOUNT_EMAIL
.
See Also¶
git-gau-docker-entry(8),