Skip to content
/ docker-certs-extraction Public

Docker to generate certificates based on Traefik docker from json file to crt, key, pem, pfx and like Neilpang/acme.sh

4 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

joweisberg/docker-certs-extraction

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits

Dockerfile.cross

Dockerfile.cross

 
 

README.md

README.md

 
 

build.sh

build.sh

 
 

certs-extraction.sh

certs-extraction.sh

 
 

healthcheck

healthcheck

 
 

Repository files navigation

docker-certs-extraction

This project:

Docker certificates extraction based on Traefik

Generate certificates based on Traefik docker from json file to crt, key, pem, pfx and like Neilpang/acme.sh

A certs-extraction container is available. It includes the latest development HEAD version. You can use it to manage certificates.

Prerequisite:

  • Generate certificates by Traefik
  • Get a valid acme.json file

Steps

  1. Detect change every 3s on acme.json file based on Traefik
  2. Extract crt, key, pem, pfx files under certs/
  3. Copy certificates like acme.sh under acme/
  4. Duplicate acme certificates under ACME_COPY

Example:

/var/docker/traefik
  - acme.json
  certs/
    - ssl-cert.key
    - ssl-cert.crt
    - ssl-cert.pem
    - ssl-cert.pfx
  acme/
    - ca.cer
    - fullchain.cer
    - sub.example.com.key
    - sub.example.com.cer

Environmental variables

  • TZ: name of the TimeZone - ie. "Etc/UTC" or "Europe/Paris" (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)
  • DOMAIN: The domain name that you are updating - ie. sub.example.com
  • ACME_COPY: the mounted volume to copy acme folder content. Use | separator for multiples folders (need to be mounted as volume on Docker)

Installation via Docker

Please follow the official documentation:

https://docs.docker.com/install/

Docker image platform / architecture

The Docker image to use joweisberg/certs-extraction:latest. Build on Linux Ubuntu 20.04 LTS, Docker 19.03 and above for:

Platform Architecture / Tags
x86_64 amd64
aarch64 arm64
arm arm32

Docker

Get the container

$ docker pull joweisberg/certs-extraction:latest

Run the container in console mode (notice the environment variable setting parameters for the startup command)

$ docker run -d --restart="unless-stopped" -e TZ="Europe/Paris" -e DOMAIN="sub.example.com" -v /var/docker/traefik:/mnt/data joweisberg/certs-extraction:latest

Run the container via docker-compose

version: "3.5"
services:
  certs-extraction:
    container_name: certs-extraction
    image: joweisberg/certs-extraction:latest
    restart: unless-stopped
    environment:
      - TZ=Europe/Paris
      - DOMAINS=sub1.example.com sub2.example.com
      - ACME_COPY=/mnt/certs-to-copy
    healthcheck:
      test: ["CMD", "/usr/bin/healthcheck"]
      interval: 30s
      timeout: 10s
      retries: 5
    volumes:
      - /var/docker/traefik:/mnt/data
      - /mnt/certs-to-copy:/mnt/certs-to-copy

About

Docker to generate certificates based on Traefik docker from json file to crt, key, pem, pfx and like Neilpang/acme.sh

Topics

docker docker-image certificates acme pem pfx traefik crt

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages