125 Commits

Author SHA1 Message Date
Nicolas Duchon
cec2482b27
Verify account files existence before perm check (#592)
fix #591
2019-10-17 13:57:48 +02:00
Nicolas Duchon
30c51154e4
Clearer debug and comments on set_ownership_and_permissions() 2019-10-10 11:50:18 +02:00
Nicolas Duchon
57fae83e70
ACME v2 compatibility
Use simp_le master branch for now
2019-10-10 11:50:14 +02:00
Nicolas Duchon
d26118f615
Merge pull request #588 from buchdag/fix-561
Enable use of wildcard location configurations
2019-10-10 11:30:58 +02:00
Dan Sullivan
9071075d32 Set auth_request off for acme challenge location 2019-08-18 21:19:36 -04:00
Nicolas Duchon
90e6fbcb49
Use wildcard location configurations
fix #561
2019-08-02 19:55:12 +02:00
Nicolas Duchon
33b7d93196
Merge pull request #550 from buchdag/default-email
Add environment variable for global default email.
2019-06-11 10:42:48 +02:00
Nicolas Duchon
36ef610f0e
Use cp/rm instead of mv on location configuration
mv does not work with files bind mounted
inside a container with --volume as their inode
can't be changed from within the container
2019-06-09 14:18:05 +02:00
Nicolas Duchon
b66d21b60e
Add DEFAULT_EMAIL global env variable 2019-05-30 11:17:17 +02:00
Nicolas Duchon
48b4b450ce
Fix DH parameters overwrite issue (#545)
fix #543
2019-05-20 17:16:37 +02:00
Nicolas Duchon
522d396b0d
Fix unbound variable issue in get_self_cid
fix #542
2019-05-17 18:01:59 +02:00
Max Zhao
af4784d444 Fixing get cid to retry alternative sources. Also use regex to exactly match 64 char CID 2019-02-28 10:47:14 +01:00
Nicolas Duchon
fb2d0b2371
Use multiple methods to obtain self cid (#499)
fix #498
2019-01-16 11:29:24 +01:00
Nicolas Duchon
70405ffde9
Simplify the self cid discovery mechanism
Also remove the hard requirement that the container get its
self cid during entrypoint as it is only used to produce a warning
and to get the nginx-proxy container id through --volumes-from,
which is only one of the three methods.

The fact that the LE container could get an nginx-proxy container id
is independently verified by the entrypoint script anyway and this
hard requirement on getting its self cid has been known to cause
troubles with containers running under orchestrators such as Amazon ECS
or Kubernetes.
2019-01-09 20:49:11 +01:00
Grieche
a911b12661 Added LETSENCRYPT_MIN_VALIDITY environment variable.
Allows specifying the minimum validity of certificates
per container.
2019-01-08 18:11:21 +01:00
Grieche
31daa643e5 * Fix whitespace typos 2018-12-21 18:19:05 +01:00
Grieche
fbab2c2913 * New environmental variable LETSENCRYPT_RESTART_CONTAINER
Containers with this variable set to true will be restarted
when their respective certificates are updated/modified.
2018-12-19 20:29:49 +01:00
Nicolas Duchon
feefd2d646
Manage ownership of symlinks too
Fix #471
2018-12-15 00:14:42 +01:00
Nicolas Duchon
5ac2ba963e
Make the DEBUG env var case insensitive (#480)
bug spotted by @desimaniac
2018-12-14 09:49:51 +01:00
Nicolas Duchon
bb0d7d8575
Use dotfile to identify managed certs
fix #465
2018-11-23 15:24:56 +01:00
Nicolas Duchon
5e10577638
Change ownership of public files too 2018-10-29 13:32:37 +01:00
Nicolas Duchon
d277e66089
Check perms only on simp_le non error exit 2018-10-29 10:32:17 +01:00
Nicolas Duchon
7fe8dd27f1
Check if path exists before perm check 2018-10-29 10:32:17 +01:00
Nicolas Duchon
a8f906b9ca
Default perms 755 (folders) - 644 (files) 2018-10-29 10:32:12 +01:00
Nicolas Duchon
c5d59e0c45
Ownership and permissions configuration 2018-10-29 00:43:45 +01:00
Nicolas Duchon
cd5729ce02
Check & enforce perms on sensitive files
fix #412
2018-09-16 09:20:58 +02:00
Nicolas Duchon
782763bec5
Always reload_nginx during init
This ensures that nginx always uses the latest certs, keys, etc. even on
container restart.
2018-08-12 23:56:31 +02:00
Nicolas Duchon
97361c2081
Only consider links in cleanup_links function
Instead of considering any regular file matching /etc/nginx/certs/*.crt
2018-08-12 22:56:06 +02:00
Nicolas Duchon
7ac961b092
Create default cert and key if absent 2018-08-02 22:56:59 +02:00
Nicolas Duchon
8dc65787d5
Remove set -x for debug (#403) 2018-08-02 00:01:21 +02:00
Nicolas Duchon
d33a403d09
Silence docker_exec noisy output after #401 (#402)
Going through /app/docker-entrypoint.sh in the nginx-proxy
container generates some unwanted noise to stdout.
2018-07-08 14:10:10 +02:00
Nicolas Duchon
09ade6f845
Hardcode path to /app/letsencrypt_service_data (#404) 2018-06-15 08:45:52 +02:00
Nicolas Duchon
11ce7d1c98
Compare DH param with sha256 instead of md5 (#406) 2018-06-15 08:45:20 +02:00
Thom Seddon
060365a672 invoke /app/docker-entrypoint.sh when reloading nginx-proxy 2018-06-14 13:19:47 +01:00
Nicolas Duchon
2228154591
Remove old procps specific pkill command (#400)
We don't use procps anymore.
2018-06-13 14:12:29 +02:00
Nicolas Duchon
7c07356e42
Use background DH group creation (#394)
Credits to @kamermans for most of the idea
2018-06-08 15:09:50 +02:00
Nicolas Duchon
e88a5a72d4
Error message enhancement to #321 (#393)
Output a different message when the
check_nginx_proxy_container_run
function can't get a container ID.
2018-06-05 09:44:16 +02:00
Nicolas Duchon
af48249ede
Check deprecated env var at container init only (#392) 2018-06-05 09:43:24 +02:00
Nicolas Duchon
5da685795b
Check for unsupported ACME v2 endpoints (#389) 2018-06-04 10:44:19 +02:00
Dmytro Naumenko
8171b8c642 Fixed path to certfile, added debug echos (#380)
Fixed path to certfile
Added debug echos
Enhanced issuer checking algo to fix tests
2018-05-26 17:18:59 +02:00
Nicolas Duchon
aca144c6ef
Move the self ID retrieval to /app/functions.sh (#382)
Fix #375
This enables the /app/force_renew script to get the LE companion
container ID, which is required to check if the nginx container
is running (#321) when using the --volumes-from method.
2018-05-20 18:15:10 +02:00
SilverFire - Dmitry Naumenko
def9343b5b Prevent non-Letsencrypt certs removing 2018-05-17 15:14:10 +03:00
Nicolas Duchon
b614ebb30e
Merge pull request #335 from thomaco/patch-1
Add ^~ to location directive
2018-03-25 12:51:19 +02:00
Nicolas Duchon
4cdde050ad
Fix unwanted custom cert removal #351 2018-03-19 19:37:02 +01:00
Nicolas Duchon
d606704119
Fix the link creation functions
The source/target order of create_link() has been
made the same as ln to avoid confusions.

The function also no longer skips link creation based
solely on target existence but checks that the target
links to the required source.
2018-03-16 18:41:14 +01:00
Nicolas Duchon
fa837ba143
Add cert_status script
Displays useful information about the existing certificates.
2018-03-16 18:34:27 +01:00
Nicolas Duchon
0312525a27
Separate prod and test certs instead of overwriting 2018-03-16 18:34:27 +01:00
Nicolas Duchon
810a6cd27c
Don't symlink certs if simp_le errored 2018-03-16 18:34:27 +01:00
Nicolas Duchon
40a4d9ce2f
Do not remove old CN domains
They're not symlinked to anyway, and removing
unused but valid certificates has no benefits.
2018-03-16 18:34:27 +01:00
Nicolas Duchon
16f0222532
Additional check for docker-gen 2018-03-16 18:34:26 +01:00