Skip to content
This repository has been archived by the owner on Feb 5, 2018. It is now read-only.
/ acme-platform.sh Public archive

Obtain HTTPS-certificates via ACME/Let's Encrypt and upload them to Platform.sh using their API

hub.docker.com/r/reload/acme-platform.sh/
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

reload/acme-platform.sh

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

etc

etc

 
 

usr/local/bin

usr/local/bin

 
 

Dockerfile

Dockerfile

 
 

README.md

README.md

 
 

Repository files navigation

ACME (Let's Encrypt) with DNS challenge on platform.sh

NOTICE: Platform.sh launched builtin support for Let's Encrypt on April 20, 2017. So most likely you won't need this any more. Read more on Platform.sh's blog.

Platform.sh previously didn't support using ACME/Let's Encrypt certificates (at least not with domain verification and automatic renewal).

This Docker image provides scripting for obtaining certificates via ACME/Let's Encrypt and uploading them to Platform.sh using their API.

This Docker image is based on lego to obtain a certificate via ACME DNS challenge and uploads the certificate to platform.sh using their commmand line client.

Necessary configuration via environment variables, .i.e.:

  • [email protected] (used for registering with Let's Encrypt)
  • DOMAINS="example.com www.example.com" (space separated list -- must already be added to the project at Platform.sh)
  • DNS_PROVIDER=dnsimple (your DNS provider, see below for supported providers and additional needed configuration)
  • PLATFORMSH_API_TOKEN=mytoken (an APIv1 token)
  • PLATFORMSH_PROJECT_ID=myprojectid

You also need to provide environment variables required by the DNS provider challenge chosen:

  • cloudflare: CLOUDFLARE_EMAIL, CLOUDFLARE_API_KEY
  • digitalocean: DO_AUTH_TOKEN
  • dnsimple: DNSIMPLE_EMAIL, DNSIMPLE_API_KEY
  • dnsmadeeasy: DNSMADEEASY_API_KEY, DNSMADEEASY_API_SECRET
  • gandi: GANDI_API_KEY
  • gcloud: GCE_PROJECT
  • namecheap: NAMECHEAP_API_USER, NAMECHEAP_API_KEY
  • rfc2136: RFC2136_TSIG_KEY, RFC2136_TSIG_SECRET, RFC2136_TSIG_ALGORITHM, RFC2136_NAMESERVER
  • route53: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION
  • dyn: DYN_CUSTOMER_NAME, DYN_USER_NAME, DYN_PASSWORD
  • vultr: VULTR_API_KEY
  • ovh: OVH_ENDPOINT, OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY
  • pdns: PDNS_API_KEY, PDNS_API_URL

Optional configuration via environment variables:

  • ACME_SERVER=https://acme-staging.api.letsencrypt.org/directory (optional ACME server -- defaults to Let's Encrypts production server)
  • ACME_DAYS=30 (the number of days left on a certificate to renew it. Defaults to 30)

The container will store the certificates in /data so you should mount a volume to /data.

About

Obtain HTTPS-certificates via ACME/Let's Encrypt and upload them to Platform.sh using their API

hub.docker.com/r/reload/acme-platform.sh/

Topics

acme deprecated platformsh dns-challenge

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases 1

Release 0.1.0 Latest
Oct 28, 2016

Packages

No packages published

Languages