Merge pull request #24 from MB175/feature/docker

PatrickKoss · web-flow · commit ed906d59e7f7 · 2025-06-03T12:34:01.000+02:00
Add Dockerized Certbot Setup
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,17 @@
+FROM python:3.11-slim
+
+RUN apt-get update && apt-get install -y \
+    git \
+    gcc \
+    libffi-dev \
+    libssl-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN pip install certbot
+
+RUN git clone https://github.com/stackitcloud/certbot-dns-stackit.git /opt/certbot-dns-stackit \
+    && pip install /opt/certbot-dns-stackit
+
+WORKDIR /etc/letsencrypt
+
+ENTRYPOINT ["certbot"]
diff --git a/examples/.env b/examples/.env
@@ -0,0 +1,2 @@
+DOMAIN=example.com
+WILDCARD=*.example.com
diff --git a/examples/.gitignore b/examples/.gitignore
@@ -0,0 +1 @@
+*.ini
diff --git a/examples/docker-compose.yml b/examples/docker-compose.yml
@@ -0,0 +1,31 @@
+version: '3.8'
+
+services:
+  certbot:
+    build:
+      context: .
+      dockerfile: ../Dockerfile
+    container_name: certbot-stackit
+    volumes:
+      - ./letsencrypt:/etc/letsencrypt
+      - ./stackit.ini:/stackit.ini:ro
+    entrypoint: certbot
+    command: >
+      certonly
+      --agree-tos
+      --non-interactive
+      --email dns@${DOMAIN}
+      --authenticator dns-stackit
+      --dns-stackit-credentials /stackit.ini
+      --dns-stackit-propagation-seconds 60
+      -d "${WILDCARD}" -d "${DOMAIN}"
+  certbot-renew:
+    build:
+      context: .
+      dockerfile: ../Dockerfile
+    container_name: certbot-renew
+    volumes:
+      - ./letsencrypt:/etc/letsencrypt
+      - ./stackit.ini:/stackit.ini:ro
+    entrypoint: certbot
+    command: renew
diff --git a/examples/readme.md b/examples/readme.md
@@ -0,0 +1,45 @@
+#  Certbot with Stackit DNS Plugin (Docker Compose)
+
+- Custom Docker image: Based on certbot/certbot, with the Stackit DNS plugin installed.
+- Docker Compose service to request wildcard certificates.
+
+---
+## 📂 Certificate File Structure
+
+```
+./letsencrypt/live/<your-domain>/
+├── cert.pem            # Your domain’s certificate
+├── chain.pem           # The Let's Encrypt chain
+├── fullchain.pem       # cert.pem + chain.pem (what you usually use)
+├── privkey.pem         # Your private key
+```
+
+
+## 🛠️ Setup Instructions
+
+
+### 1. Create a file named `stackit.ini` in the root directory:
+
+⚠️️️ Make sure the file is secure: (`chmod 600 stackit.ini`)
+```
+dns_stackit_auth_token = YOUR_API_TOKEN
+dns_stackit_project_id = YOUR_PROJECT_ID
+```
+
+### 2. Set domain in `.env` file
+```
+DOMAIN=example.com
+WILDCARD=*.example.com
+```
+
+### 3. Run Certbot
+```
+docker compose up certbot
+```
+
+### 4. Cert permission
+
+The certs and the live folder will be `root:root`, in order to access them with your user
+```bash
+sudo chown -R $(id -u):$(id -g) ./letsencrypt
+```

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+DOMAIN=example.com`
	`2`	`+WILDCARD=*.example.com`