terricain / certbot-dns-azure

AzureDNS Certbot plugin

Simple Dockerfile for running the plugin in a container #22

Closed naioja closed 1 year ago

naioja commented 1 year ago

Hello,

For anyone wanting to use this plugin in a container I have the following example:

FROM alpine:latest

RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python
RUN python3 -m ensurepip
RUN pip3 install --no-cache --upgrade pip setuptools certbot certbot-dns-azure

The docker build command would simply be:

docker build -t certbot-azuredns -f Dockerfile .

As an example, the newly created container can be used as follows (a bit brave to directly mount the host's /etc/letsencrypt directory):

docker run -it --rm --name certbot-azure-dns \
           -v /etc/letsencrypt/:/etc/letsencrypt/ \
           certbot-azuredns \
           certbot certonly \
           --authenticator dns-azure \
           --preferred-challenges dns \
           --agree-tos \
           --email 'address@example.com' \
           --noninteractive \
           --dns-azure-config /etc/letsencrypt/clouddns/azuredns.ini \
           --domains example.com \
           --domains '*.example.com'

And the contents of azuredns.ini are as per the service principal example, with 400 permission.

dns_azure_sp_client_id = AAA...
dns_azure_sp_client_secret = BBB...
dns_azure_tenant_id = CCC...

dns_azure_environment = "AzurePublicCloud"

dns_azure_zone1 = example.com:/subscriptions/DDD.../resourceGroups/rg-dns001

Please let me know if the code snippet above is adequate to be included in a subsequent PR.

yummypho commented 1 year ago

This was very useful and I appreciate the example with wildcards. Below is a complementary dockerfile in case it helps anyone; I find docker compose easier to read.

version: '3.7'
services:
  certbot-azure-dns-1:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: certbot-azure-dns-1
    command: 
      - certbot 
      - certonly
      - "--email=example@outlook.com"
      - "--authenticator=dns-azure"
      - "--preferred-challenges=dns"
      - "--agree-tos"
      - "--noninteractive" 
      - "--dns-azure-config=/secret/azure.ini"
      - "--domains=example.org"
      - "--domains=*.example.org"
    volumes:
      - "./letsencrypt:/etc/letsencrypt"
      - "./secret:/secret:ro"

terricain commented 1 year ago

Hey, sorry, didn't have notifications on for this repo for a while. @naioja please PR and update the readme with a section relating to this :smile:

naioja commented 1 year ago

@terrycain please have a look at https://github.com/terrycain/certbot-dns-azure/pull/31
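
The thread protects the service principal secret in two ways: the 400 mode on azuredns.ini in the first post and the read-only mount in the compose file. A preflight that enforces both before the container starts, as an added example that is not part of the thread or the project's code; the function names and return codes are this example's own, while the image name, key names and /secret/azure.ini path are taken from the posts above.

```shell
#!/bin/sh
# Added example: preflight for the credentials file before it reaches the container.
# Function names and return codes are this example's own, not the plugin's.

# Keys copied from the azuredns.ini shown in the thread.
REQUIRED_KEYS="dns_azure_sp_client_id dns_azure_sp_client_secret dns_azure_tenant_id"

# check_azure_ini FILE: 0 = usable, 1 = not a regular file, 2 = mode too open,
# 3 = required key missing or empty. The reason goes to stderr.
check_azure_ini() {
    ini=$1
    # Reject symlinks so the bind mount cannot expose an unexpected target.
    if [ -L "$ini" ] || [ ! -f "$ini" ]; then
        echo "$ini: not a regular file" >&2; return 1
    fi
    # GNU/BusyBox stat first, BSD stat as a fallback.
    mode=$(stat -c '%a' "$ini" 2>/dev/null || stat -f '%Lp' "$ini") || return 1
    case $mode in
        400|600) ;;   # owner-only; the first post uses 400
        *) echo "$ini: mode $mode, expected 400 or 600" >&2; return 2 ;;
    esac
    for key in $REQUIRED_KEYS; do
        if ! grep -Eq "^[[:space:]]*$key[[:space:]]*=[[:space:]]*[^[:space:]]" "$ini"; then
            echo "$ini: $key missing or empty" >&2; return 3
        fi
    done
    return 0
}

# run_certbot /abs/path/azuredns.ini [extra certbot args...]
# Mounts only the credentials file, read-only, at the path used in the compose file.
run_certbot() {
    ini=$1; shift
    check_azure_ini "$ini" || return
    docker run --rm \
        -v /etc/letsencrypt/:/etc/letsencrypt/ \
        -v "$ini:/secret/azure.ini:ro" \
        certbot-azuredns certbot certonly \
        --authenticator dns-azure --preferred-challenges dns \
        --agree-tos --noninteractive \
        --dns-azure-config /secret/azure.ini "$@"
}
```

Pass the credentials file as an absolute path, since Docker treats a relative `-v` source as a named volume rather than a bind mount.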