Skip to content

Instantly share code, notes, and snippets.

@jozko
Last active May 18, 2021 12:47
Show Gist options
  • Save jozko/a244a3d2651670fe292285bb33bab73e to your computer and use it in GitHub Desktop.
Save jozko/a244a3d2651670fe292285bb33bab73e to your computer and use it in GitHub Desktop.
Working Digitalocean DNS-01 challenge for Letsencrypt certs
version: "3.3"
# Domain DNS should obviously be hosted with DO.
services:
traefik:
image: "traefik:v2.4"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=digitalocean"
- "--certificatesresolvers.myresolver.acme.dnschallenge.resolvers=ns1.digitalocean.com"
# - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=mail@mydomain.tld"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
environment:
- "DO_AUTH_TOKEN=$do_auth_token"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
whoami:
image: "traefik/whoami"
container_name: "simple-service"
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`acme.mydomain.tld`)"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.tls.certresolver=myresolver"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment