45 Commits

Author SHA1 Message Date
Helder Correia
27d433cb63 Complete support for dynamic container names (#231)
* Allow setting NGINX_DOCKER_GEN_CONTAINER from a label
* Find labeled cid in runtime instead of startup time
2017-07-13 12:44:02 +02:00
Yves Blusseau
1f678ed2c2 Revert "Set /.well-known/acme-challenge nginx location path as prefix string (#192)"
Don't need to use a regexp because the vhost.d/default configuration must be included
specifically in each server configuration by the nginx.tmpl template file.
Something like:

{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
include {{ printf "/etc/nginx/vhost.d/%s" $host }};
{{ else if (exists "/etc/nginx/vhost.d/default") }}
include /etc/nginx/vhost.d/default;
{{ end }}
2017-07-02 11:26:10 +02:00
Nicolas Duchon
a093ebf36b enable simp_le private key reutilisation 2017-06-16 16:58:44 +02:00
Yves Blusseau
2f88f79cbd Merge pull request #212 from ravenpride/master
Added support for choosing a certain key size via environment variable 'LETSENCRYPT_KEYSIZE'.
2017-05-28 17:37:39 +02:00
PauRE
a1a6732812 Fix renewals on separate containers (#165)
* Added support to reload nginx container in case only certificates renewal happened. Reusing the autodetection from --volumes-from.
2017-05-28 17:30:10 +02:00
root
2cb951d596 Added support for choosing a certain key size via environment variable 'LETSENCRYPT_KEYSIZE'. 2017-05-27 12:31:55 +00:00
Yves Blusseau
86ee8793a4 Use CONTAINER_ID instead of HOSTNAME variable when using docker_api 2017-05-18 13:36:00 +02:00
Yves Blusseau
794d77793d Merge pull request #181 from emmetog/patch-1
Get nginx container id from labelled container
2017-04-13 13:15:35 +02:00
Emmet O'Grady
a1af285d46 Use fully qualified label name 2017-04-13 12:09:13 +01:00
Jarek Lipski
44560270b7 Do not generate certs if LETSENCRYPT_HOST is empty (#183) 2017-04-13 12:24:48 +02:00
Julien Blondeau
a9b9c74c07 Set /.well-known/acme-challenge nginx location path as prefix string (#192)
In nginx.tmpl, vhosts.d are included before the 'location /' target, and last basic location wins.
If our /.well-known location is defined as a prefix string (or as a regex), it takes priority over basic locations
Details on http://nginx.org/en/docs/http/ngx_http_core_module.html#location
2017-04-13 12:08:32 +02:00
trondvh
232ade6e2f Support for alternative TOS hashes (#189) 2017-03-27 12:29:03 +02:00
Emmet O'Grady
3c877181d8 Get nginx container id from labelled container 2017-03-04 14:15:15 -06:00
Bjoern Busch
783ae214cf Update docker API call
Based on the docker issue (https://github.com/docker/docker/issues/26099) the docker api needs to be called with `localhost` in the URL.
2017-01-19 21:14:10 +01:00
Yves Blusseau
8d3b18894d Output certificate trust chain for OCSP stapling
Close #108 #129
2016-12-30 09:11:06 -08:00
Yves Blusseau
eba7581d82 Revert "[FEATURE] Create SAN certificates only for common domains" 2016-12-30 14:34:05 +01:00
Mickaël Perrin
d25099ee7b [FEATURE] Create SAN certificates only for common domains
SAN certificates are now only created if the domain is contained in the base_domain.

For example:
LETSENCRYPT_HOST=domain.tld,sub.domain.tld,sub2.domain.tld,newdomain.tld,sub.newdomain.tld
will create 2 SAN certificates for domain.tld and newdomain.tld.
2016-12-29 19:30:37 +01:00
ryneeverett
fa2a85c60d Warn if volumes don't appear to be setup correctly
Assuming they're following a conventional setup, this will warn users
that they likely didn't set their volumes up correctly. It's not an
error though because they may have done something like mount the entire
/etc/nginx directory.
2016-08-17 22:31:23 -04:00
Yves Blusseau
bc32889e37 Allow to migrate CN domains to AltNames
Close #77
2016-08-15 10:33:40 +02:00
Yves Blusseau
dca804a362 Change the SHA-256 hash of the contents of Terms Of Service 2016-08-02 13:32:05 +02:00
Yves Blusseau
9295c1d151 Don't remove created configuration files in vhost.d
Close #69
2016-07-28 13:11:57 +02:00
Yves Blusseau
5ba68d20bd Merge pull request #76 from ryneeverett/functions-file-extension
functions.lib -> functions.sh
2016-06-26 11:44:55 +02:00
ryneeverett
7c16aaa2a1 functions.lib -> functions.sh
This way any editor can figure out the file type automatically.
2016-06-25 18:31:15 -04:00
ryneeverett
4953c16bbe Document letsencrypt_service loop.
I hadn't seen this pattern before and it took me a while to figure out
where the loop was happening. (It could have been in the docker
invocation, in entrypoint.sh, or in start.sh too.)
2016-06-25 18:25:24 -04:00
ryneeverett
a8e5131803 Fix typo. 2016-06-25 18:25:16 -04:00
Ben Smith
e2f0abfa3e enable public access to validation endpoints despite existing IP whitelisting or basic auth settings 2016-05-23 15:04:38 -04:00
MrsKensington
76ed161b35 break in location in case the upstream is protected
Add a break into the letsencrypt block so that no more rules are executed otherwise if you have a block like...

    ## Start of configuration add by letsencrypt container
    location /.well-known/acme-challenge/ {
        auth_basic off;
        root /usr/share/nginx/html;
        try_files $uri =404;
    }
    ## End of configuration add by letsencrypt container

    if (!-f /code/home/cookies/$cookie_AUTH_COOKIE) {
        rewrite ^ https://auth.example.org break;
    }

Then lets encrypt never manages to verify the domain as the request gets re-written to the authentication URL.
2016-05-06 18:47:50 +01:00
Yves Blusseau
ae21e245e3 Change default location to only manage .well-known/acme-challenge 2016-05-01 11:30:30 +02:00
Reldeis
4a508b7239 Update letsencrypt_service 2016-03-30 01:04:27 +02:00
JrCs
623d30cb17 Create test certificates by container
* Add the environment variable LETSENCRYPT_TEST with a value of true
  to create test certificates.
2016-03-27 16:56:56 +02:00
JrCs
fb3f0d2277 Use the DEBUG environment variable to make simp_le more verbose 2016-02-26 19:11:03 +01:00
JrCs
a3803dd10d Add a note about generation of Diffie-Hellman group file 2016-02-26 19:11:03 +01:00
Yves Blusseau
0d6d105270 Allow to use the official nginx image and docker-gen in separate containers 2016-02-17 16:27:45 +01:00
JSurf
9bb159be51 Disable basic auth for letsencrypt challenge 2016-01-27 14:55:24 +01:00
JrCs
941cd9dfbf Use http scheme in case DOCKER_HOST is not a unix socket 2016-01-08 14:31:45 +01:00
Andrew Tomaka
9edbb7811b Validate all relevant links are present
Thanks atomaka.
Close #5
2016-01-08 13:44:27 +01:00
JrCs
ed47d83a92 Improve method to get own container id
Close #6
2016-01-08 12:40:42 +01:00
JrCs
685909d93c Improved functions library 2016-01-07 11:11:05 +01:00
JrCs
6f731e4716 Call docker API directly
No need to have the docker binary
2016-01-06 19:37:04 +01:00
JrCs
acf517e1b4 Automatically create Diffie-Hellman group 2016-01-05 14:31:00 +01:00
JrCs
a263aad670 Fix indentations and add reload_nginx function in library 2016-01-05 14:02:15 +01:00
JrCs
1c6d70b93f Add new DEBUG environment variable 2016-01-03 12:42:29 +01:00
JrCs
ffca62742c Properly retrieve nginx-proxy container ID
docker inspect command returns a leading :ro or :rw string when used with
docker-compose. This fix removes the leading string to get only the
container ID. Thanks anoopr.

Fix #1 and close #2.
2016-01-03 12:31:41 +01:00
JrCs
459b1ed3c9 Create location configurations automatically 2016-01-01 14:35:03 +01:00
JrCs
0779129dd5 First release 2015-12-31 18:50:25 +01:00