@jeffersonsouza
Forked from fridgerator/instructions.md
Last active February 26, 2020 16:25
Auto-renewing Let's Encrypt certificates for Rancher 1.6

Let's Encrypt has removed its ACME v1 API in favor of ACME v2. The Rancher 1.6 catalog entry for Let's Encrypt certificates doesn't support the v2 API. A forked version of the repo does, but its service has to be created manually instead of from the catalog.

  1. Create a new service, give it a name, and use `vxcontrol/rancher-letsencrypt:v1.0.0` for the image
  2. In the "Volumes" tab, add a volume `/var/lib/rancher:/var/lib/rancher`
  3. In the "Command" tab, set the "Console" option to none
  4. Click to add an Environment Variable, and paste the following block into the first "Variable" input field.
  • All of the environment variables should auto-fill.
  • Fill in the necessary values
```
API_VERSION=Production
AURORA_ENDPOINT=
AURORA_KEY=
AURORA_USER_ID=
AWS_ACCESS_KEY=
AWS_SECRET_KEY=
AZURE_CLIENT_ID=
AZURE_CLIENT_SECRET=
AZURE_RESOURCE_GROUP=
AZURE_SUBSCRIPTION_ID=
AZURE_TENANT_ID=
CERT_NAME=**ENTER CERT NAME**
CLOUDFLARE_EMAIL=
CLOUDFLARE_KEY=
DNSIMPLE_EMAIL=
DNSIMPLE_KEY=
DNS_RESOLVERS=8.8.8.8:53,8.8.4.4:53
DOMAINS=**ENTER DOMAIN NAME**
DO_ACCESS_TOKEN=
DYN_CUSTOMER_NAME=
DYN_PASSWORD=
DYN_USER_NAME=
EMAIL=**ENTER YOUR EMAIL**
EULA=Yes
GANDI_API_KEY=
NS1_API_KEY=
OVH_APPLICATION_KEY=
OVH_APPLICATION_SECRET=
OVH_CONSUMER_KEY=
PROVIDER=HTTP
PUBLIC_KEY_TYPE=RSA-2048
RENEWAL_PERIOD_DAYS=20
RENEWAL_TIME=12
RUN_ONCE=false
VULTR_API_KEY=
```
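
A pre-flight check for the variable block above, written as an added example that is not part of the original gist or of the vxcontrol/rancher-letsencrypt project. It assumes `PROVIDER=HTTP` selects the HTTP challenge, which needs none of the DNS-provider credentials and cannot issue wildcard names; `parse_env`, `preflight` and the sample values are hypothetical.

```python
# Constructed sample: a shortened copy of the page's block with made-up values.
SAMPLE = """\
API_VERSION=Production
AWS_ACCESS_KEY=
CERT_NAME=**ENTER CERT NAME**
CLOUDFLARE_KEY=constructed-not-a-real-key
DOMAINS=example.com,*.example.com
EMAIL=admin@example.com
PROVIDER=HTTP
"""

# Name prefixes of the DNS-provider credential variables in the page's block.
CRED_PREFIXES = ("AURORA_", "AWS_", "AZURE_", "CLOUDFLARE_", "DNSIMPLE_",
                 "DO_", "DYN_", "GANDI_", "NS1_", "OVH_", "VULTR_")
REQUIRED = ("CERT_NAME", "DOMAINS", "EMAIL")  # placeholders marked ** on the page

def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks, comments and lines without '='."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip()
    return env

def preflight(text):
    """Return a list of problems; credential values are never echoed."""
    env = parse_env(text)
    problems = []
    for key in REQUIRED:
        value = env.get(key, "")
        if not value or value.startswith("**"):
            problems.append(f"{key}: placeholder or empty")
    # Assumption: PROVIDER=HTTP selects the HTTP challenge, so DNS credentials
    # are unused and wildcard names (DNS challenge only) cannot be issued.
    if env.get("PROVIDER", "").upper() == "HTTP":
        for key, value in env.items():
            if key.startswith(CRED_PREFIXES) and value:
                problems.append(f"{key}: credential set but unused with PROVIDER=HTTP")
        for domain in env.get("DOMAINS", "").split(","):
            if domain.strip().startswith("*."):
                problems.append(f"DOMAINS: wildcard {domain.strip()} needs a DNS challenge")
    return problems

if __name__ == "__main__":
    print("\n".join(preflight(SAMPLE)) or "ok")
```

Run it against the block before pasting it into the Rancher UI, so the service is not created with credentials it never uses.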