Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rjshrjndrn/certbot-autoupdater

Let's Encrypt SSL auto-update for Kubernetes
https://github.com/rjshrjndrn/certbot-autoupdater

devops-tools kubernetes lets-encrypt letsencrypt letsencrypt-certificates letsencrypt-utils nginx ssl

Last synced: 12 days ago
JSON representation

Let's Encrypt SSL auto-update for Kubernetes

Awesome Lists containing this project

README

        

## Reason

I'm using nginx as daemonset, rather than kubernetes ingress, along with Let's Encrypt as SSL. One issue I face is the renewal of the certificate every 3 months.

## Solution

Another certbot auto updater script. Only difference is this is a complete package. You can just change few variables, apply to your cluster, and forget about SSL.

## How to use
* Open certbot-autoupdater.yaml and change following variables.
- Mandatory:
- `DOMAIN` Change the value it to your domain name. For example, dev.myorg.com.
- `EMAIL` Change the value it to which email address you want SSL related news should come to.
- `ingress-cert` Change it to your ssl secret name in kuberentes. For example it can be `nginx-certificate` or so. Refer line number `61` and `102`
- Change the `Name of nginx deployment/daemonset`. Refer line number `65`,`66`,`92`
- Change the `Type of nginx installation`. Refer line number `94`. For example it can be `deployments` if you're using deployment.
- Optional:
- If you created the certificate using `kubectl crete secret --type ..` the key will be `tls.key` and `tls.crt`. If that's different, please search and change that too. Refer line number `62` and `63`
> Space in front of the string is mandatory.
* Install application.
- Note: This app should be running on the same namespace as your nginx deployment/daemonset.
- `kubectl apply -f certbot-autoupdater.yaml -n `