{"id":20901602,"url":"https://github.com/willfarrell/docker-letsencrypt","last_synced_at":"2025-10-05T19:11:48.597Z","repository":{"id":61191743,"uuid":"78885733","full_name":"willfarrell/docker-letsencrypt","owner":"willfarrell","description":"container to generate letsencrypt certs using dehydrated + lexicon","archived":false,"fork":false,"pushed_at":"2020-01-20T04:02:25.000Z","size":21,"stargazers_count":9,"open_issues_count":2,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-28T10:48:08.298Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/willfarrell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-01-13T20:53:26.000Z","updated_at":"2023-12-18T15:24:50.000Z","dependencies_parsed_at":"2022-10-12T12:04:45.389Z","dependency_job_id":null,"html_url":"https://github.com/willfarrell/docker-letsencrypt","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/willfarrell/docker-letsencrypt","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-letsencrypt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-letsencrypt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-letsencrypt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-letsencrypt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/willfarrell","download_url":"https://codeload.github.com/willfarrell/docker-letsencrypt/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-letsencrypt/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278504303,"owners_count":25997922,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-05T02:00:06.059Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T11:36:11.598Z","updated_at":"2025-10-05T19:11:48.562Z","avatar_url":"https://github.com/willfarrell.png","language":"Dockerfile","readme":"# docker-letsencrypt\n\ncontainer to generate letsencrypt certs using dehydrated + lexicon\n\n## Supported tags and Dockerfile links\n- [`latest` (*Dockerfile*)](https://github.com/willfarrell/docker-letsencrypt/blob/master/Dockerfile)\n\n[![](https://images.microbadger.com/badges/version/willfarrell/letsencrypt.svg)](http://microbadger.com/images/willfarrell/letsencrypt \"Get your own version badge on microbadger.com\") [![](https://images.microbadger.com/badges/image/willfarrell/letsencrypt.svg)](http://microbadger.com/images/willfarrell/letsencrypt \"Get your own image badge on microbadger.com\")\n\n## Docs\n- https://github.com/lukas2511/dehydrated\n- https://github.com/AnalogJ/lexicon\n- https://github.com/willfarrell/docker-nginx\n\n## Dockerfile\nUse to set your own defaults or overwrite in the command\n```Dockerfile\nFROM willfarrell/letsencrypt:latest\n\nCOPY config /etc/dehydrated/config\n```\n\n## ENV\n```\n# Optional. Used to enable logging to file `/var/log/letsencrypt/runtime.log`.\nLOG=TRUE\n# defaults to `staging`, use `production` when ready.\nLE_ENV=staging\n# CSV list of domains\nLE_DOMAIN=\n# Only required if you plan to use dns-01 challenges (use for private services)\n# CloudFlare example\nPROVIDER=cloudflare\nLEXICON_CLOUDFLARE_USERNAME=\nLEXICON_CLOUDFLARE_TOKEN=\n\n# Route 53 example\nPROVIDER=route53\nLEXICON_ROUTE53_ACCESS_KEY=\nLEXICON_ROUTE53_ACCESS_SECRET=\n```\n\n## Testing\n```bash\ndocker build -t letsencrypt .\n\n# private\ndocker run \\\n --env-file letsencrypt.env \\\n letsencrypt \\\n dehydrated \\\n --cron --accept-terms \\\n --domain letsencrypt.willfarrell.ca \\\n --hook dehydrated-dns \\\n --challenge dns-01 \\\n --force\n\n# public\ndocker run -d \\\n --env-file letsencrypt.env \\\n letsencrypt \\\n dehydrated \\\n --cron --accept-terms \\\n --domain letsencrypt.willfarrell.ca \\\n --challenge http-01 \\\n --force\n\n# reload nginx to see changes \n```\n\n## Deploy\nNote the use of `--hook dehydrated-dns`, [dehydrated-dns](https://github.com/AnalogJ/lexicon/blob/master/examples/dehydrated.default.sh) is a script wrapper to call lexicon from dehydrated.\n```bash\n# private\ndocker run \\\n --volumes-from docker_nginx_1 \\\n --env-file letsencrypt.env \\\n willfarrell/letsencrypt \\\n dehydrated \\\n --cron --domain letsencrypt.willfarrell.ca \\\n --out /etc/ssl \\\n --hook dehydrated-dns \\\n --challenge dns-01\n\n# public\ndocker run -d \\\n --volumes-from docker_nginx_1 \\\n --env-file letsencrypt.env \\\n willfarrell/letsencrypt \\\n dehydrated \\\n --cron --domain letsencrypt.willfarrell.ca \\\n --out /etc/ssl \\\n --challenge http-01\n```\nAlso worth reading is Let's Encrypts document on certificate rate limits https://letsencrypt.org/docs/rate-limits/. In short you can generate 5 duplicate certificates per 7 days.\n\n## Route53 Access Policy\n```json\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"route53:ListHostedZonesByName\"\n ],\n \"Resource\": [\n \"*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"route53:ChangeResourceRecordSets\"\n ],\n \"Resource\": [\n \"arn:aws:route53:::hostedzone/${HOSTED_ZONE_ID}\"\n ]\n }\n ]\n}\n```\n\n## Staging Certificate\nStaging certificates are not natively trusted. If you'd like to prevent the security messages in the browser;\n\n### Mac\n1. Download [`Fake LE Intermediate X1`](https://letsencrypt.org/docs/staging-environment).\n2. Open `Applications` -\u003e `Utilities` -\u003e `Keychain Access`.\n3. Click on `Certificates`.\n4. Drag `fakeleintermediatex1.pem` into the window to add it.\n5. Double click `Fake LE Intermediate X1`.\n6. Window will pop open. Under the `Trust` section, set `When using this certificate` to `Always Trust`.\n7. Close window. Confirm window will pop open. Enter password and click `Update Settings`.\n\nThere should now be a blue and white plus icon associated with the certificate. You may need to restart your browser before the change takes effect.\n\n### iOS\n1. Go to https://letsencrypt.org/docs/staging-environment click on `Fake LE Intermediate X1`.\n2. You will be redirected to an `Install Profile` page. Click `Install`.\n3. Enter device password.\n4. Click `Install`, and `Install` again.\n5. Click `Done`.\n\nTo view the certificate got to `Settings` -\u003e `General` -\u003e `Profile`.\n\n## Android\n- https://support.google.com/nexus/answer/2844832?hl=en\n- https://www.globalsign.com/en/blog/installing-certificates-onto-android-devices/\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2Fdocker-letsencrypt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwillfarrell%2Fdocker-letsencrypt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2Fdocker-letsencrypt/lists"}