Install Let's encrypt client as a Docker container
ClosedPublic
Actions

Authored by dereckson on Mar 15 2018, 20:02.

Details

Reviewers

dereckson

Commits

rOPSd03884fb46d1: Install Let's encrypt client as a Docker container

Summary

The Let's encrypt client certbot is installed according two methods:

on regular servers, as a distro/OS package
on Docker engines, as a container and a wrapper script

This change takes care of the second method.

The certbot/certbot image is used (previously, the letsencrypt
image on quay.org was used), as officially maintained by EFF.

A certbot wrapper command runs the container with the correct
volumes mounted to be able to generate or renew certificates.

Test Plan

salt equatower state.apply roles/paas-docker/docker/images
salt equatower state.apply roles/paas-docker/wrappers
certbot <some commands>

Diff Detail

Repository

rOPS Nasqueron Operations

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

dereckson requested review of this revision.Mar 15 2018, 20:02

dereckson created this revision.

Harbormaster completed remote builds in B2229: Diff 3625.Mar 15 2018, 20:02

dereckson mentioned this in D1420: Allow a '*' key for node.filter_by_role.Mar 15 2018, 20:02

Equatower

$ certbot
usage:
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: unrecognized arguments: