Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Auto-renewing Lets Encrypt certificates for Rancher 1.6

Lets Encrypt has removed their ACME V1 api in favor of ACME V2. The Rancher 1.6 catalog entry for Lets Encrypt certificates doesn't support this api. There is a forked version of the repo, however the service has to be created manually instead of from the catalog.

  1. Create a new service, give it a name, use vxcontrol/rancher-letsencrypt:v1.0.0 for the image
  2. In the "Volumes" tab, add a volume /var/lib/rancher:/var/lib/rancher
  3. In the "Command" tab, set the "Console" option to none
  4. Click to add an Environment Variable, and paste the following into the first "Variable" input field.
  • All of the environment variables should auto-fill.
  • Fill in the necessary values
API_VERSION=Production
AURORA_ENDPOINT=
AURORA_KEY=
AURORA_USER_ID=
AWS_ACCESS_KEY=
AWS_SECRET_KEY=
AZURE_CLIENT_ID=
AZURE_CLIENT_SECRET=
AZURE_RESOURCE_GROUP=
AZURE_SUBSCRIPTION_ID=
AZURE_TENANT_ID=
CERT_NAME=**ENTER CERT NAME**
CLOUDFLARE_EMAIL=
CLOUDFLARE_KEY=
DNSIMPLE_EMAIL=
DNSIMPLE_KEY=
DNS_RESOLVERS=8.8.8.8:53,8.8.4.4:53
DOMAINS=**ENTER DOMAIN NAME**
DO_ACCESS_TOKEN=
DYN_CUSTOMER_NAME=
DYN_PASSWORD=
DYN_USER_NAME=
EMAIL=**ENTER YOUR EMAIL**
EULA=Yes
GANDI_API_KEY=
NS1_API_KEY=
OVH_APPLICATION_KEY=
OVH_APPLICATION_SECRET=
OVH_CONSUMER_KEY=
PROVIDER=HTTP
PUBLIC_KEY_TYPE=RSA-2048
RENEWAL_PERIOD_DAYS=20
RENEWAL_TIME=12
RUN_ONCE=false
VULTR_API_KEY=
@fridgerator

This comment has been minimized.

Copy link
Owner Author

@fridgerator fridgerator commented Nov 25, 2019

I missed a step

  • In the "Labels" tab, create the following 2 labels:
io.rancher.container.agent.role=environment
io.rancher.container.create_agent=true
@timothystewart6

This comment has been minimized.

Copy link

@timothystewart6 timothystewart6 commented May 5, 2020

This is in case you didn't already create the service using janeczku/rancher-letsencrypt:v0.5.0 correct?

@lgaticaq

This comment has been minimized.

Copy link

@lgaticaq lgaticaq commented Jul 22, 2020

Hi. I am create a rancher catalog with the new template for letsencrypt https://github.com/escaleno-ltda/rancher-catalog/tree/master/templates/letsencrypt/0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment