Google Cloud ENV Variables

[duffenterprises]

@kchristensen I was hoping to be able to provide a pull request with instructions for GCP, but I've run into problems. I've introduced a serviceaccount directory, with a sa.json file for interacting with GCP.

# ./udm-le.sh  initial
Attempting initial certificate generation
2020/12/23 02:49:01 Failed to read the file /mnt/data/udm-le/serviceaccount/sa.json (defined by env var GCE_SERVICE_ACCOUNT_FILE): open /mnt/data/udm-le/serviceaccount/sa.json: no such file or directory
2020/12/23 02:49:03 googlecloud: project name missing

# ls -l serviceaccount/sa.json 
-rw-r--r--    1 root     root          2326 Dec 22 21:11 serviceaccount/sa.json

My experiments on localhost suggested that with lego, you really only needed the GCE_SERVICE_ACCOUNT_FILE to be set. I'm under the assumption that there are NO other pre-requisites to what you described in the readme.

[kchristensen]

I don't use GCP often so I'm kinda guessing here, but based on a cursory glance over the docs I think you may have to also specify GCE_PROJECT which seems to possibly be one of the things it is complaining about.

[duffenterprises]

I'm more puzzled my why it can't find the file sa.json. Are there perquisites that you don't mention in the readme?

[kchristensen]

Oh, it's likely because lego is trying to read the sa.json file IN the container but it's not passed into the container as a volume.

[kchristensen]

See https://github.com/kchristensen/udm-le/blob/master/udm-le.sh#L46-L49 for an example of how the AWS credentials directory gets passed in if you're using AWS.

[duffenterprises]

Perfect. I will follow your naming convention and test. If it works out I'll prepare a PR.

[duffenterprises]

https://github.com/kchristensen/udm-le/pull/23 created for this issue. Happy new year.

[kchristensen]

Just merged that, thanks for contributing! I'm sure people will find this very useful.