Skip to content
/ docker-acmeproxy Public

ACME DNS challenge proxy container of madcamel/acmeproxy.pl.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

socheatsok78/docker-acmeproxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
.github/workflows
.github/workflows
 
 
dockerhub
dockerhub
 
 
rootfs
rootfs
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
docker-bake.hcl
docker-bake.hcl
 
 

Repository files navigation

About

ACME DNS challenge proxy container of madcamel/acmeproxy.pl.

Source | Docker Hub | GitHub Container Registry

Image

Registry Image
Docker Hub socheatsok78/acmeproxy
GitHub Container Registry ghcr.io/socheatsok78/acmeproxy

Following platforms for this image are available:

$ docker run --rm mplatform/mquery socheatsok78/acmeproxy:latest

# Image: socheatsok78/acmeproxy:latest
#  * Manifest List: Yes (Image type: application/vnd.oci.image.index.v1+json)
#  * Supported platforms:
#    - linux/amd64
#    - linux/arm64

Releases

The release versioning scheme is based on Alpine releases, and it will follow the same versioning as the base image. The build matrix is generated using actions-matrix/alpine-matrix-action action.

Currently, the following versions are available:

  • latest
  • edge
  • 3.20
  • 3.19

Important

The release is automated on a weekly basis, and if there is a new version of the base image, the release will build and push the new version following the base image version.

Important

The version of madcamel/acmeproxy.pl will be updated to the latest version available on the master branch and does not dictate by the base image version.

Usage

Here a simple example of how to use this image:

services:
  acmeproxy:
    image: socheatsok78/acmeproxy:3.20
    environment:
      ACME_SERVER: letsencrypt_test
      ACME_DNS_PROVIDER: dns_cf
      CF_Zone_ID: abcdefghijklmnopqrstuvwxyz
      CF_Token: TOKEN-abcdefghijklmnopqrstuvwxyz
    hostname: acmeproxy.fqdn.domain
    volumes:
      - acmeproxy-data:/data:rw
      - acmeproxy-cache:/home/acmeproxy/.acme.sh:rw # optional
volumes:
  acmeproxy-data:
  acmeproxy-cache: # optional

Configure ACME Proxy Server

The following environment variables are available:

  • ACMEPROXY_SERVER_ENDPOINT - The hostname of the ACME Proxy server. If not set, the container will use the hostname of the container.
  • ACMEPROXY_SERVER_USERNAME - The default user for the ACME Proxy server. Default is acmeproxy.
  • ACMEPROXY_SERVER_PASSWORD - The default password for the ACME Proxy server. Default is acmeproxy.

Configure ACME Client used by ACME Proxy Server

The following environment variables are available:

  • ACME_EMAIL - The email address for the ACME Proxy server.
  • ACME_SERVER - The ACME issuer to use. Default is letsencrypt.
  • ACME_DNS_PROVIDER - The DNS provider to use for the ACME challenge.

Note

A list of server can be found here acmesh-official/acme.sh/wiki/Server and supported DNS providers here acmesh-official/acme.sh/wiki/dnsapi.

Security Notes

The madcamel/acmeproxy.pl was written to be run within an internal network. It's not recommended to expose your acmeproxy host to the outside world.

Use of this certificate scheme will expose your internal network's hostnames via the certificate signer's public certificate transparency logs. If you're not comfortable with that, it is recommended not to use this approach. Please note that this is not a failing in acmeproxy.pl, but rather a characteristic of how public certificate authorities operate.

License

Licensed under the MIT License.

About

ACME DNS challenge proxy container of madcamel/acmeproxy.pl.

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

 
 
 

Languages