certbot/dns-cloudflare 用于认证。

huangapple go评论67阅读模式
英文:

certbot/dns-cloudflare for authentik

问题

我恰好在Cloudflare DNS上运行一个域,我想要在authentik部署中使用。根据相应的文档,似乎可以很容易地使用certbot获取ACME/letsencrypt证书。

我在docker-compose.override.yml中修改了示例代码片段,如下所示:

root@debian-2gb-nbg1-1:~# cat docker-compose.override.yml
version: "3.4"

services:
certbot:
image: docker.io/certbot/dns-cloudflare:latest
volumes:
- ./certs/:/etc/letsencrypt
# Variables depending on DNS Plugin
environment:
CLOUDFLARE_API_TOKEN: <redacted>
command:
- certonly
- --non-interactive
- --agree-tos
- --dns-cloudflare
# - --dns-cloudflare-credentials cloudflare.ini
- -m <redacted>
- -d <redacted>
- -v


在运行```docker-compose up -d```之后,certbot立即退出。令我困惑的部分是,日志文件显示:

```certbot: error: unrecognized arguments: --dns-cloudflare-credentials cloudflare.ini```

而certbot-dns-cloudflare的[文档][1]表示,这是一个必需的参数。

我错过了什么?
英文:

I happen to run a domain on Cloudflare DNS that I want to use for an authentik deployment. From the corresponding documentation it seems to be rather straight forward to use certbot to get ACME/letsencrypt certificates.

I modified the example snippet in docker-compose.override.yml to the following:

root@debian-2gb-nbg1-1:~# cat docker-compose.override.yml 
version: &quot;3.4&quot;

services:
    certbot:
        image: docker.io/certbot/dns-cloudflare:latest
        volumes:
            - ./certs/:/etc/letsencrypt
        # Variables depending on DNS Plugin
        environment:
            CLOUDFLARE_API_TOKEN: &lt;redacted&gt;
        command:
            - certonly
            - --non-interactive
            - --agree-tos
            - --dns-cloudflare
            # - --dns-cloudflare-credentials cloudflare.ini
            - -m &lt;redacted&gt;
            - -d &lt;redacted&gt;
            - -v

certbot immediately exits after running docker-compose up -d

The confusing part to me is, the log files says:

certbot: error: unrecognized arguments: --dns-cloudflare-credentials cloudflare.ini

Whereas the documentation for certbot-dns-cloudflare says, this is a required argument.

What am I missing?

答案1

得分: 1

这对我有用,

version: '3.4'

services:
  server:
    ports:
      - "0.0.0.0:80:9000"
      - "0.0.0.0:443:9443"
  certbot:
    image: certbot/dns-cloudflare
    volumes:
      - ./certs/:/etc/letsencrypt
      - /srv/authentik/cloudflare.ini:/srv/authentik/cloudflare.ini
    command: certonly --non-interactive --dns-cloudflare --dns-cloudflare-credentials /srv/authentik/cloudflare.ini --agree-tos -d authentik.example.com --server https://acme-v02.api.letsencrypt.org/directory
英文:

This worked for me,

version: &#39;3.4&#39;

services:
  server:
    ports:
      - &quot;0.0.0.0:80:9000&quot;
      - &quot;0.0.0.0:443:9443&quot;
  certbot:
        image: certbot/dns-cloudflare
        volumes:
            - ./certs/:/etc/letsencrypt
            - /srv/authentik/cloudflare.ini:/srv/authentik/cloudflare.ini
        command: certonly --non-interactive --dns-cloudflare --dns-cloudflare-credentials /srv/authentik/cloudflare.ini --agree-tos -d authentik.example.com --server https://acme-v02.api.letsencrypt.org/directory

huangapple
  • 本文由 发表于 2023年2月18日 04:01:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/75488765.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定