{"id":18426931,"url":"https://github.com/rimelek/letsencrypt-http-docker","last_synced_at":"2026-05-09T04:31:38.344Z","repository":{"id":87428421,"uuid":"103757346","full_name":"rimelek/letsencrypt-http-docker","owner":"rimelek","description":"Let's Encrypt Docker image using HTTP validation method","archived":false,"fork":false,"pushed_at":"2020-05-23T19:24:55.000Z","size":6,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-13T20:57:39.538Z","etag":null,"topics":["docker","docker-image","letsencrypt"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rimelek.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-09-16T14:17:30.000Z","updated_at":"2023-03-26T12:25:18.000Z","dependencies_parsed_at":null,"dependency_job_id":"197474cc-7e0f-46a8-b2c6-e1768c1e9fd0","html_url":"https://github.com/rimelek/letsencrypt-http-docker","commit_stats":null,"previous_names":["rimelek/letsencrypt-http-docker"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/rimelek/letsencrypt-http-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rimelek%2Fletsencrypt-http-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rimelek%2Fletsencrypt-http-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rimelek%2Fletsencrypt-http-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rimelek%2Fletsencrypt-http-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rimelek","download_url":"https://codeload.github.com/rimelek/letsencrypt-http-docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rimelek%2Fletsencrypt-http-docker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32807165,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-08T08:22:46.396Z","status":"online","status_checked_at":"2026-05-09T02:00:06.633Z","response_time":123,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-image","letsencrypt"],"created_at":"2024-11-06T05:09:10.935Z","updated_at":"2026-05-09T04:31:38.329Z","avatar_url":"https://github.com/rimelek.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Description\n\nThis Docker image helps you validate your domain with Let's Encrypt, so you can create FREE certificates for your domains.\n\nYou need to create domain categories under /domains/ directory. Each category is a file containing your domains and the name of the created certificate will be the same as the name of category.\n\nExample:\n\n**/domains/mydomain.tld**\n\n```text\nmydomain.tld\nsub1.mydomain.tld\nsub2.mydomain.tld\n```\n\nIt will be converted to the following command:\n\n```bash\ncertbot certonly \\\n --expand \\\n --email ${LE_EMAIL} \\\n --non-interactive \\\n --agree-tos \\\n --standalone \\\n --preferred-challenges http-01 \\\n --http-01-port 9080 \\\n --cert-name mydomain.tld \\\n -d mydomain.tld -d sub1.mydomain.tld -d sub2.mydomain.tld\n```\n\nYou always need to bind mount /etc/letsencrypt or define it as a volume\n\n## Without running web server\n\nTo create categories, you can mount the directory from the host:\n\n```bash\ndocker run --rm -it \\\n -e LE_EMAIL=youremail@domain.tld \\\n -v `pwd`/domains:/domains \\\n -v /etc/letsencrypt:/etc/letsencrypt \\\n -p 80:9080 \\\n itsziget/letsencrypt-http \n```\n\nIf you want to create or renew only certain certificates, you can add the name of them at the end of the command:\n\n```bash\ndocker run --rm -it \\\n -e LE_EMAIL=youremail@domain.tld \\\n -v `pwd`/domains:/domains \\\n -v /etc/letsencrypt:/etc/letsencrypt \\\n -p 80:9080 \\\n itsziget/letsencrypt-http \\\n \"mydomain.tld myotherdomain.tld\"\n```\n\nMake sure the name of the categories are enclosed in quotes!\n\n## With running web server\n\nNote that the commands above work only if you do not have running service on port 80.\nYour web server probably listen on this port so you need to set a reverse proxy in front of the web server\nand map all requests for \"/.well-known/acme-challenge\" to the Let's Encrypt container.\n\nYou can also reuse the loopback interface of the proxy container so the proxy can use 127.0.0.1 as target address.\n\nIn case of NGINX:\n\n```\nlocation /.well-known/acme-challenge {\n proxy_pass http://127.0.0.1:9080;\n}\n```\n\nIf the name of the NGINX container is \"nginx-proxy\", run Let's Encrypt:\n\n```bash\ndocker run --rm -it \\\n -e LE_EMAIL=youremail@domain.tld \\\n -v `pwd`/domains:/domains \\\n -v /etc/letsencrypt:/etc/letsencrypt \\\n --network \"container:nginx-proxy\" \\\n itsziget/letsencrypt-http\n```\n\n## Environment variables\n\nThis image provides a very basic solution to make a little easier to define multiple certificates with multiple domains.\nYou can find more advanced solutions on Docker Hub.\nHowever, if you find this image easier for your needs you can customize it by setting environment variables.\n\nThere are boolean variables that accept some certain case insensitive values:\n\n* **FALSE**: 0, n, no, false\n* **TRUE**: 1, y, yes, true\n\nVariables:\n\n* **LE_EMAIL:** It is the only required variable. Let's Encrypt will send notifications to this address.\n* **LE_HTTP_PORT:** 9080 by default. Let's Encrypt client will listen on this port. The server will use port 80 so you need to forward it from your host to the container's port 9080. If you want to use host network, you can change the port to 80. \n* **LE_STAGING:** Boolean or string. \"false\" by default. If you set it to \"true\", option \"--staging\" will be added so you will get invalid test certificate. If you have multiple certificates and only some of them should be test, list the names of them here separated by space. Ex.: \"test1 test2\" \n* **LE_DRY_RUN:** Boolean. \"false\" by default. If you set it to \"true\", option \"--dry-run\" will be added so certificates will not actually saved.\n* **LE_EXTRA_OPTIONS:** \"\" by default. You can set any additional option you need like \"--break-my-certs\".\n* **LE_SHOW_COMMAND:** Boolean. \"false\" by default. You may want to see what is the actual command run inside the container instead of variables. If you set the variable to \"true\" the command will be shown before it runs.\n\n## Automate the process\n\nYou can schedule the commands with CRON to automate the process of renewing certificates.\nBefore you do this, make sure Let's Encrypt container is reachable from outside on port 80 and each domain set to your server.\nEven if certificates are generated successfully, you need to reload configurations of NGINX, Apache HTTPD or any server which uses the certificates.\n\nIn case of Docker containers the following command should work:\n\n```bash\ndocker kill -s HUP containername\n``` \nYou can run it manually by cron:\n\nExample:\n\n```bash\ndocker run --rm -it \\\n -e LE_EMAIL=youremail@domain.tld \\\n -v `pwd`/domains:/domains \\\n -v /etc/letsencrypt:/etc/letsencrypt \\\n --network \"container:nginx-proxy\" \\\n itsziget/letsencrypt-http \\\n \u0026\u0026 docker kill -s nginx-proxy\n```\n\n**Tip:** You can use [itsziget/docron](https://hub.docker.com/r/itsziget/docron/) to run Let's Encrypt periodically or [itsziget/ssmtp-mailer](https://hub.docker.com/r/itsziget/ssmtp-mailer/) to be notified after the success of renewing certificates. \n\nHere is a complete Docker Compose example using both of them:\n\n```yaml\nversion: '2'\n\nservices:\n certbot:\n image: 'itsziget/letsencrypt-http'\n volumes:\n - /etc/letsencrypt:/etc/letsencrypt\n - ./domains:/domains\n network_mode: container:nginx-proxy\n environment:\n LE_EMAIL: ${LE_EMAIL}\n labels:\n itsziget.docron-gen.start.schedule: \"0 20 1 * *\"\n itsziget.docron-gen.start.pipeline: |\n docker run -i \\\n -e SMTP_HOST=\"smtp.host:587\" \\\n -e SMTP_USER=\"smtp@user\" \\\n -e SMTP_PASS=\"password\" \\\n -e TO=\"notify@me\" \\\n -e FROM_EMAIL=\"be@the.sender\" \\\n -e FROM_NAME=\"I am The Sender\" \\\n -e SUBJECT=\"Let's Encrypt\" \\\n --rm itsziget/ssmtp-mailer \\\n \u0026\u0026 docker kill -s HUP nginx-proxy\n```\n\nDo not forget about the NGINX path mapping:\n\n```\nlocation /.well-known/acme-challenge {\n proxy_pass http://127.0.0.1:9080;\n}\n```\n\nAnd run the following command:\n\n```bash\ndocker-compose up\n```\n\nOf course it will stop after the command run, but because of the used labels the running cron container will start it again periodically until you remove the Let's Encrypt container.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frimelek%2Fletsencrypt-http-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frimelek%2Fletsencrypt-http-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frimelek%2Fletsencrypt-http-docker/lists"}