Certbot Cron Docker
Dockerised Certbot that utilises cron to schedule creating and renewing SSL certificates. Uses Cloudflare for DNS-01 verification. Automatic renewal attempt happens every 6 hours.
Running
Docker CLI
docker run -d --name certbot \
-e EMAIL=admin@domain.com \
-e DOMAINS=domain.com \
-v /docker/certbot-cron:/config \
git.mrmeeb.stream/mrmeeb/certbot-cron:latest
Docker Compose
version: "3"
services:
certbot:
image: git.mrmeeb.stream/mrmeeb/certbot-cron:latest
container_name: certbot
restart: unless-stopped
volumes:
- ./certbot:/config
environment:
- EMAIL=admin@domain.com
- DOMAINS=domain.com,*.domain.com
Environment Variables:
| Variable | Default Value | Description |
|---|---|---|
| None | Email address for renewal information & other communications | |
| DOMAINS | None | Domains to be included in the certificate. Comma separated list, no spaces. Wildcards supported |
| INTERVAL | 0 */6 * * * | How often certbot attempts to renew the certificate. Cron syntax |
| STAGING | false (case-sensitive) | Uses the LetsEncrypt staging endpoint for testing - avoids the aggressive rate-limiting of the production endpoint |
| PROPOGATION_TIME | 10 | The amount of time (seconds) that certbot waits for the TXT records to propogate to Cloudflare before verifying - the more domains in the certificate, the longer you might need |
| GENERATE_DHPARAM | true (case-sensitive) | Generate Diffie-Hellman keys in /config/letsencrypt/keys |
Volumes
| Docker path | Purpose |
|---|---|
| /config | Stores configs and LetsEncrypt output for mounting in other containers |
Building
git clone https://git.mrmeeb.stream/certbot-cron-docker
cd certbot-cron-docker
docker build -t certbot-cron .
docker run -d --name certbot-cron \
-e EMAIL=admin@domain.com \
-e DOMAINS=domain.com \
-v /docker/certbot-cron:/config \
certbot-cron
Other
Thanks to this guy for explaining how to make cron actually shutdown when stopping the container.