diff --git a/Dockerfile b/Dockerfile index 54204d5..70ce0b9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ FROM alpine:3.3 -MAINTAINER Jan Broer +MAINTAINER RUN apk add --no-cache ca-certificates -ENV LETSENCRYPT_RELEASE v0.2.9 +ENV LETSENCRYPT_RELEASE v0.3.0 ADD https://github.com/janeczku/rancher-letsencrypt/releases/download/${LETSENCRYPT_RELEASE}/rancher-letsencrypt-linux-amd64.tar.gz /tmp/rancher-letsencrypt.tar.gz diff --git a/README.md b/README.md index 9b9d581..39bcfb6 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,17 @@ A [Rancher](http://rancher.com/rancher/) service that obtains free SSL/TLS certi This application is distributed via the [Rancher Community Catalog](https://github.com/rancher/community-catalog). Enable the Community Catalog under `Admin` => `Settings` in the Rancher UI. -Then find the `Let's Encrypt` template in the Catalog section of the UI and follow the instructions. +Then locate the `Let's Encrypt` template in the Catalog section of the UI and follow the instructions. + +#### Accessing certificates and private keys from other services +The created SSL certificate is stored in Rancher for usage in load balancers. +If you want to use it from other services (e.g. a Nginx container) you can opt to save the certificate and private key to a host path, +named volume or Convoy storage volume. You can then mount the volume or host path to other containers and access the files as follows: +`//fullchain.pem` +`//privkey.pem` +where `` is the name you specified in the UI forced to this set of characters: `[a-zA-Z0-9-_.]`. + + ### Provider specific usage diff --git a/VERSION b/VERSION index 8f51ea9..268b033 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v0.2.9 +v0.3.0 diff --git a/context.go b/context.go index 9c54ac0..762551a 100644 --- a/context.go +++ b/context.go @@ -71,17 +71,17 @@ func (c *Context) InitContext() { } providerOpts := letsencrypt.ProviderOpts{ - Provider: letsencrypt.DnsProvider(providerParam), - CloudflareEmail: getEnvOption("CLOUDFLARE_EMAIL", false), - CloudflareKey: getEnvOption("CLOUDFLARE_KEY", false), - DoAccessToken: getEnvOption("DO_ACCESS_TOKEN", false), - AwsAccessKey: getEnvOption("AWS_ACCESS_KEY", false), - AwsSecretKey: getEnvOption("AWS_SECRET_KEY", false), - DNSimpleEmail: getEnvOption("DNSIMPLE_EMAIL", false), - DNSimpleKey: getEnvOption("DNSIMPLE_KEY", false), - DynCustomerName: getEnvOption("DYN_CUSTOMER_NAME", false), - DynUserName: getEnvOption("DYN_USER_NAME", false), - DynPassword: getEnvOption("DYN_PASSWORD", false), + Provider: letsencrypt.DnsProvider(providerParam), + CloudflareEmail: getEnvOption("CLOUDFLARE_EMAIL", false), + CloudflareKey: getEnvOption("CLOUDFLARE_KEY", false), + DoAccessToken: getEnvOption("DO_ACCESS_TOKEN", false), + AwsAccessKey: getEnvOption("AWS_ACCESS_KEY", false), + AwsSecretKey: getEnvOption("AWS_SECRET_KEY", false), + DNSimpleEmail: getEnvOption("DNSIMPLE_EMAIL", false), + DNSimpleKey: getEnvOption("DNSIMPLE_KEY", false), + DynCustomerName: getEnvOption("DYN_CUSTOMER_NAME", false), + DynUserName: getEnvOption("DYN_USER_NAME", false), + DynPassword: getEnvOption("DYN_PASSWORD", false), } c.Acme, err = letsencrypt.NewClient(emailParam, keyType, apiVersion, providerOpts)