Option for disabling / pass-through

[alexanderkjeldaas]

When having multiple environments and when using let's encrypt, it might not be desirable to actually instantiate let's encrypt certs for non-standard ports or non-existing DNS names.

An environment variable that makes docker-flow-proxy-letsencrypt a pass-through proxy would be practical as there is no simple way of conditionally disable services in a docker-compose file.

[n1b0r]

Hello,

I not sure I correctly understand your question.

Currently you can disable letsencrypt companion by not setting com.df.letsencrypt.host or com.df.letsencrypt.email labels on service. DPLE will just forward the docker-dlow-swarm-listener request to the docker-flow-proxy. (https://github.com/n1b0r/docker-flow-proxy-letsencrypt/blob/master/app/app.py#L72)

If it do not answer your original question, could you explain your use case with more details please.

[alexanderkjeldaas]

My use-case is that I have two environments: pr and prod. The pr environment will be run from CI, but is not production.

docker-compose does not support bash-type expansions, so I can't write com.df.letsencrypt.email=${LE_ENABLED:+www.myexample.com,www.myotherexample.com}

Rather, I'd have to write (on every service)

com.df.letsencrypt.host=${SERVICE_N_LE_HOST}

which in effect means I'm moving most configuration out of the docker-compose file itself.

What I'd rather have is one switch on docker-flow-proxy-letsencrypt to enable pass-through on everything, despite what's configured on the individual services.

This is really about working around limitations in docker-compose, but it's practical to be able to have as much configuration in that file as possible.