2024-05-04 11:45:25 +02:00
|
|
|
#!/bin/bash
|
|
|
|
# shellcheck disable=SC2034
|
2024-07-16 23:33:20 +02:00
|
|
|
{{- $DEFAULT_ACMESH_DNS_API_CONFIG := fromYaml (coalesce $.Env.ACMESH_DNS_API_CONFIG "") }}
|
|
|
|
{{- if $DEFAULT_ACMESH_DNS_API_CONFIG }}
|
|
|
|
{{- "\n" }}declare -A DEFAULT_ACMESH_DNS_API_CONFIG=(
|
|
|
|
{{- range $key, $value := $DEFAULT_ACMESH_DNS_API_CONFIG }}
|
|
|
|
{{- "\n\t" }}['{{ $key }}']='{{ $value }}'
|
|
|
|
{{- end }}
|
|
|
|
{{- "\n" }})
|
|
|
|
{{- end }}
|
|
|
|
|
|
|
|
|
2020-04-21 12:29:03 +02:00
|
|
|
LETSENCRYPT_CONTAINERS=(
|
2024-05-04 11:45:25 +02:00
|
|
|
{{ $orderedContainers := sortObjectsByKeysDesc $ "Created" }}
|
|
|
|
{{ range $_, $container := whereExist $orderedContainers "Env.LETSENCRYPT_HOST" }}
|
|
|
|
{{ if trim $container.Env.LETSENCRYPT_HOST }}
|
|
|
|
{{ if parseBool (coalesce $container.Env.LETSENCRYPT_SINGLE_DOMAIN_CERTS "false") }}
|
|
|
|
{{/* Explicit per-domain splitting of the certificate */}}
|
|
|
|
{{ range $host := split $container.Env.LETSENCRYPT_HOST "," }}
|
|
|
|
{{ $host := trim $host }}
|
2024-07-15 22:47:01 +02:00
|
|
|
{{- "\n\t" }}'{{ printf "%.12s" $container.ID }}_{{ sha1 $host }}' # {{ $container.Name }}, created at {{ $container.Created }}
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ end }}
|
2024-05-04 11:45:25 +02:00
|
|
|
{{ else }}
|
|
|
|
{{/* Default: multi-domain (SAN) certificate */}}
|
2024-07-15 22:47:01 +02:00
|
|
|
{{- "\n\t" }}'{{ printf "%.12s" $container.ID }}' # {{ $container.Name }}, created at {{ $container.Created }}
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ end }}
|
|
|
|
{{ end }}
|
2024-05-04 11:45:25 +02:00
|
|
|
{{ end }}
|
2020-04-21 12:29:03 +02:00
|
|
|
)
|
2015-12-31 18:50:25 +01:00
|
|
|
|
|
|
|
{{ range $hosts, $containers := groupBy $ "Env.LETSENCRYPT_HOST" }}
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ $hosts := trimSuffix "," $hosts }}
|
|
|
|
{{ range $container := $containers }}
|
2021-12-12 19:39:09 +01:00
|
|
|
{{/* Trim spaces and set empty values on per-container environment variables */}}
|
2021-08-03 23:32:09 +02:00
|
|
|
{{ $KEYSIZE := trim (coalesce $container.Env.LETSENCRYPT_KEYSIZE "") }}
|
|
|
|
{{ $STAGING := trim (coalesce $container.Env.LETSENCRYPT_TEST "") }}
|
|
|
|
{{ $EMAIL := trim (coalesce $container.Env.LETSENCRYPT_EMAIL "") }}
|
|
|
|
{{ $CA_URI := trim (coalesce $container.Env.ACME_CA_URI "") }}
|
2024-07-15 22:48:12 +02:00
|
|
|
{{ $ACME_CHALLENGE := trim (coalesce $container.Env.ACME_CHALLENGE "") }}
|
|
|
|
{{ $ACMESH_DNS_API_CONFIG := fromYaml (coalesce $container.Env.ACMESH_DNS_API_CONFIG "") }}
|
2021-08-03 23:32:09 +02:00
|
|
|
{{ $PREFERRED_CHAIN := trim (coalesce $container.Env.ACME_PREFERRED_CHAIN "") }}
|
|
|
|
{{ $OCSP := trim (coalesce $container.Env.ACME_OCSP "") }}
|
|
|
|
{{ $EAB_KID := trim (coalesce $container.Env.ACME_EAB_KID "") }}
|
|
|
|
{{ $EAB_HMAC_KEY := trim (coalesce $container.Env.ACME_EAB_HMAC_KEY "") }}
|
|
|
|
{{ $ZEROSSL_API_KEY := trim (coalesce $container.Env.ZEROSSL_API_KEY "") }}
|
|
|
|
{{ $RESTART_CONTAINER := trim (coalesce $container.Env.LETSENCRYPT_RESTART_CONTAINER "") }}
|
2022-03-02 18:42:07 +01:00
|
|
|
{{ $PRE_HOOK := trim (coalesce $container.Env.ACME_PRE_HOOK "") }}
|
|
|
|
{{ $POST_HOOK := trim (coalesce $container.Env.ACME_POST_HOOK "") }}
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ $cid := printf "%.12s" $container.ID }}
|
2024-05-04 11:45:25 +02:00
|
|
|
{{- "\n" }}# Container {{ $cid }} ({{ $container.Name }})
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ if parseBool (coalesce $container.Env.LETSENCRYPT_SINGLE_DOMAIN_CERTS "false") }}
|
2021-12-12 19:39:09 +01:00
|
|
|
{{/* Explicit per-domain splitting of the certificate */}}
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ range $host := split $hosts "," }}
|
|
|
|
{{ $host := trim $host }}
|
2020-07-04 15:29:37 +02:00
|
|
|
{{ $host := trimSuffix "." $host }}
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ $hostHash := sha1 $host }}
|
2020-11-06 17:21:57 +01:00
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_HOST=('{{ $host }}')
|
2021-08-03 23:32:09 +02:00
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_KEYSIZE="{{ $KEYSIZE }}"
|
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_TEST="{{ $STAGING }}"
|
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_EMAIL="{{ $EMAIL }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_CA_URI="{{ $CA_URI }}"
|
2024-07-15 22:48:12 +02:00
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_CHALLENGE="{{ $ACME_CHALLENGE }}"
|
|
|
|
{{- if $ACMESH_DNS_API_CONFIG }}
|
|
|
|
{{- "\n" }}declare -A ACMESH_{{ $cid }}_{{ $hostHash }}_DNS_API_CONFIG=(
|
|
|
|
{{- range $key, $value := $ACMESH_DNS_API_CONFIG }}
|
|
|
|
{{- "\n\t" }}['{{ $key }}']='{{ $value }}'
|
|
|
|
{{- end }}
|
|
|
|
{{- "\n" }})
|
|
|
|
{{- end }}
|
2021-08-03 23:32:09 +02:00
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_PREFERRED_CHAIN="{{ $PREFERRED_CHAIN }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_OCSP="{{ $OCSP }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_EAB_KID="{{ $EAB_KID }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_EAB_HMAC_KEY="{{ $EAB_HMAC_KEY }}"
|
|
|
|
{{- "\n" }}ZEROSSL_{{ $cid }}_{{ $hostHash }}_API_KEY="{{ $ZEROSSL_API_KEY }}"
|
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_RESTART_CONTAINER="{{ $RESTART_CONTAINER }}"
|
2022-03-02 18:42:07 +01:00
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_PRE_HOOK="{{ $PRE_HOOK }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_POST_HOOK="{{ $POST_HOOK }}"
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ end }}
|
|
|
|
{{ else }}
|
2021-12-12 19:39:09 +01:00
|
|
|
{{/* Default: multi-domain (SAN) certificate */}}
|
2020-11-06 17:21:57 +01:00
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_HOST=(
|
2024-07-17 07:33:31 +02:00
|
|
|
{{- range $host := split $hosts "," }}
|
2020-11-06 17:21:57 +01:00
|
|
|
{{- $host := trim $host }}
|
2024-07-15 22:47:01 +02:00
|
|
|
{{- $host := trimSuffix "." $host }}
|
|
|
|
{{- "\n\t" }}'{{ $host }}'
|
|
|
|
{{- end }}
|
|
|
|
{{- "\n" }})
|
2021-08-03 23:32:09 +02:00
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_KEYSIZE="{{ $KEYSIZE }}"
|
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_TEST="{{ $STAGING }}"
|
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_EMAIL="{{ $EMAIL }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_CA_URI="{{ $CA_URI }}"
|
2024-07-15 22:48:12 +02:00
|
|
|
{{- "\n" }}ACME_{{ $cid }}_CHALLENGE="{{ $ACME_CHALLENGE }}"
|
|
|
|
{{- if $ACMESH_DNS_API_CONFIG }}
|
|
|
|
{{- "\n" }}declare -A ACMESH_{{ $cid }}_DNS_API_CONFIG=(
|
|
|
|
{{- range $key, $value := $ACMESH_DNS_API_CONFIG }}
|
|
|
|
{{- "\n\t" }}['{{ $key }}']='{{ $value }}'
|
|
|
|
{{- end }}
|
|
|
|
{{- "\n" }})
|
|
|
|
{{- end }}
|
2021-08-03 23:32:09 +02:00
|
|
|
{{- "\n" }}ACME_{{ $cid }}_PREFERRED_CHAIN="{{ $PREFERRED_CHAIN }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_OCSP="{{ $OCSP }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_EAB_KID="{{ $EAB_KID }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_EAB_HMAC_KEY="{{ $EAB_HMAC_KEY }}"
|
|
|
|
{{- "\n" }}ZEROSSL_{{ $cid }}_API_KEY="{{ $ZEROSSL_API_KEY }}"
|
|
|
|
{{- "\n" }}LETSENCRYPT_{{ $cid }}_RESTART_CONTAINER="{{ $RESTART_CONTAINER }}"
|
2022-03-02 18:42:07 +01:00
|
|
|
{{- "\n" }}ACME_{{ $cid }}_PRE_HOOK="{{ $PRE_HOOK }}"
|
|
|
|
{{- "\n" }}ACME_{{ $cid }}_POST_HOOK="{{ $POST_HOOK }}"
|
2020-04-21 12:29:03 +02:00
|
|
|
{{ end }}
|
|
|
|
{{ end }}
|
2015-12-31 18:50:25 +01:00
|
|
|
{{ end }}
|