Skip to content

Instantly share code, notes, and snippets.

@AnatomicJC
Last active September 12, 2019 19:02
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save AnatomicJC/1804a2e998426b7119a32cd9d5524a58 to your computer and use it in GitHub Desktop.
Let's Encrypt wildcard docker OVH

Go to https://api.ovh.com/console/ and create a new API key with these rights (replace domain.ltd with your domain managed at OVH):

GET /domain/zone/
GET /domain/zone/domain.ltd/status
GET /domain/zone/domain.ltd/record
GET /domain/zone/domain.ltd/record/*
POST /domain/zone/domain.ltd/record
POST /domain/zone/domain.ltd/refresh
DELETE /domain/zone/domain.ltd/record/*

Create an ovhapi file with this content:

dns_ovh_endpoint = ovh-eu
dns_ovh_application_key = your-application-key
dns_ovh_application_secret = your-application-secret
dns_ovh_consumer_key = your-consumer-key

Then launch this:

docker run -i --rm --name certbot \
  -v "/etc/letsencrypt:/etc/letsencrypt" \
  -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
  -v "/path/to/ovhapi-file:/.ovhapi" certbot/dns-ovh certonly \
  --dns-ovh --dns-ovh-credentials /.ovhapi \
  --non-interactive --agree-tos \
  --email user@domain.ltd \
  -d domain.ltd -d *.domain.ltd

You will find your wildcard certificates on /etc/letsencrypt folder of your machine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment