https://github.com/dappnode/certificates-server

API to issue dappnode subdomain certificates
https://github.com/dappnode/certificates-server

Last synced: 27 days ago
JSON representation

API to issue dappnode subdomain certificates

• Host: GitHub
• URL: https://github.com/dappnode/certificates-server
• Owner: dappnode
• Created: 2020-11-06T14:38:58.000Z (about 4 years ago)
• Default Branch: master
• Last Pushed: 2023-10-11T12:59:01.000Z (over 1 year ago)
• Last Synced: 2024-07-10T21:07:43.957Z (6 months ago)
• Language: TypeScript
• Homepage:
• Size: 144 KB
• Stars: 3
• Watchers: 8
• Forks: 2
• Open Issues: 2
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# dappnode-cert-api

## Build docker image

```bash

docker build -t dappnode-cert-api .

```

Run the server using docker

```bash

docker run -p 5000:5000 -v "":/etc/letsencrypt/creds.ini:ro dappnode-cert-api

```

where `` is the path to the `creds.ini` file on your host machine eg.

```

# Target DNS server

dns_rfc2136_server = ns.yourdomain.com

# Target DNS port

dns_rfc2136_port = 53

# TSIG key name

dns_rfc2136_name = 

# TSIG key secret

dns_rfc2136_secret = 

# TSIG key algorithm

dns_rfc2136_algorithm = HMAC-SHA512

```

Note: Even though it is not necessary, it is a good practice to have whole `/etc/letsencrypt` folder mounted as a volume since all certificates are stored there. 

## Run tests

```bash

docker run --rm -it -p 5000:5000 \

    -v "":/etc/letsencrypt/creds.ini:ro \

    -e DEBUG=1 dappnode-cert-api test

```

Example:

```bash

docker run --rm -it -p 5000:5000 \

    -v "$(pwd)/creds.ini":/etc/letsencrypt/creds.ini:ro \

    -e DEBUG=1 dappnode-cert-api test

```

## Configuration environment variables

| Name                  | Default value              | Description                                                                           |

| --------------------- | -------------------------- | ------------------------------------------------------------------------------------- |

| BASE_DIR              | /etc/letsencrypt/          | Base directory in which certs are stored                                              |

| DEBUG                 | false                      | If true, uses fake certificates                                                       |

| RATE_LIMIT_WINDOW_MS  | 3600000                    | Size of rate limit interval                                                           |

| RATE_LIMIT_MAX        | 5                          | Max tries in rate limit interval                                                      |

| DYNDNS_THRESHOLD      | 600                        | Time threshold for validaeting request                                                |

| RENEWAL_TIME_TRESHOLD | 6500000                    | If two requests for same certificate come within this time, old certificate is resent |

| LETSENCRYPT_EMAIL     | None                       | Email for letsencrypt account                                                         |

| CREDS_LOCATION        | /etc/letsencrypt/creds.ini | Location of credentials file                                                          |