Allow changing dehydrated BASEDIR (to be placed in a volume for example) and other improvements#3
Open
jjakob wants to merge 6 commits intoschnatterer:masterfrom
Open
Allow changing dehydrated BASEDIR (to be placed in a volume for example) and other improvements#3jjakob wants to merge 6 commits intoschnatterer:masterfrom
jjakob wants to merge 6 commits intoschnatterer:masterfrom
Conversation
This is to allow it to be placed in a volume that the user mounts into
the container, usually in /certs.
Introduce a new env variable DEHYDRATED_BASEDIR.
If this is unset, the behavior will stay the same as before:
`BASEDIR=/dehydrated`. This is for backwards compatibility.
`DEHYDRATED_BASEDIR` and `CERT_DIR` interact:
* default (<=0.4.0) if `DEHYDRATED_BASEDIR` is not set:
* `DEHYDRATED_BASEDIR="/dehydrated" CERT_DIR="/certs"`
* `/dehydrated` is not stored in persistent storage and will be deleted with the container (including the letsencrypt account)
* recommended (>0.4.0):
* set `DEHYDRATED_BASEDIR="/certs/dehydrated"`. This will set `CERT_DIR="$DEHYDRATED_BASEDIR/certs"`. This allows all the certificates and dehydrated state (most importantly, accounts) to be stored in one directory, usually a volume mounted at `/certs`.
Introduce a new variable, DEHYDRATED_WELLKNOWN, to set the directory
where dehydrated will place .well-known. This allows the user to point
it to the webserver document root and not have to create any symlinks.
Sometimes on first start they don't exist yet.
The output directory for certificates is set via CERTDIR in /etc/dehydrated/config.
- use new DEHYDRATED_BASEDIR env variable - point DEHYDRATED_WELLKNOWN to document root of webserver instead of symlinking /static to it
Owner
|
Hey @jjakob, Thank you very much for taking the time to compose this PR! |
Owner
|
Fixes #2 |
WELLKNOWN path was missing '.well-known/acme-challenge' which was causing the ACME challenge to fail. Env variables used in dehydrated config must be exported.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See commit messages and the updated README and examples for more information.
I have not tested any of the examples but I have tested the meta-entrypoint and dehydrated config in my own container that's close to the standalone example and it works.