automate/020_acme-dns_docker.sh


#!/usr/bin/env bash
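# Where the generated config, sqlite data and compose/run files are written.
# NOTE(review): /var/tmp is shared and this path is predictable; the sqlite
# database acme-dns keeps here holds its API credentials, so point DEST at
# a private directory before using this beyond a throwaway test.
DEST="/var/tmp/test_acme-dns"
# Stop at the first failed command or pipeline stage (pull/curl/tee).
# -u is intentionally omitted: the templates below are emitted by heredocs,
# and an unquoted heredoc would abort on its literal $-placeholders.
set -eo pipefail
# https://hub.docker.com/r/joohoi/acme-dns/#using-docker
# Using Docker
# Pull the latest acme-dns Docker image: docker pull joohoi/acme-dns.
docker pull joohoi/acme-dns
# Create directories: config for the configuration file, and data for the sqlite3 database.
mkdir -p "$DEST"/{config,data}
# Copy configuration template to config/config.cfg.
# <https://raw.githubusercontent.com/joohoi/acme-dns/master/config.cfg>
# -f: an HTTP error must not leave an error page where the template should be;
# -sS: quiet except for errors; -L: follow redirects.
curl -fsSL -o "$DEST/config/config.cfg" https://raw.githubusercontent.com/joohoi/acme-dns/master/config.cfg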
# Modify the config.cfg to suit your needs.
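#######################################
# Print the acme-dns config.cfg template (TOML) to stdout.
# The heredoc delimiter is quoted so the text is emitted verbatim: the
# "postgres://$username:$password@$host/$db_name" line is a comment, and
# the previous unquoted heredoc expanded those names from the caller's
# environment, which corrupted the comment and could have copied a real
# $password value into the written config file.
# NOTE(review): as written the template binds the API to 0.0.0.0 with
# registration enabled and the DNS listener to 127.0.0.1. Inside a
# container a published port 53 cannot reach a loopback-only listener,
# and an open registration endpoint should not face the internet; adjust
# both before using this beyond a local test.
# Outputs:   config.cfg contents on stdout
# Returns:   0
#######################################
conf_print_acme-dns_config() {
  cat <<'EOF'
[general]
# DNS interface. Note that systemd-resolved may reserve port 53 on 127.0.0.53
# In this case acme-dns will error out and you will need to define the listening interface
# for example: listen = "127.0.0.1:53"
listen = "127.0.0.1:53"
# protocol, "both", "both4", "both6", "udp", "udp4", "udp6" or "tcp", "tcp4", "tcp6"
protocol = "both"
# domain name to serve the requests off of
domain = "auth.example.org"
# zone name server
nsname = "auth.example.org"
# admin email address, where @ is substituted with .
nsadmin = "admin.example.org"
# predefined records served in addition to the TXT
records = [
# domain pointing to the public IP of your acme-dns server
"auth.example.org. A 198.51.100.1",
# specify that auth.example.org will resolve any *.auth.example.org records
"auth.example.org. NS auth.example.org.",
]
# debug messages from CORS etc
debug = false
[database]
# Database engine to use, sqlite3 or postgres
engine = "sqlite3"
# Connection string, filename for sqlite3 and postgres://$username:$password@$host/$db_name for postgres
# Please note that the default Docker image uses path /var/lib/acme-dns/acme-dns.db for sqlite3
connection = "/var/lib/acme-dns/acme-dns.db"
# connection = "postgres://user:password@localhost/acmedns_db"
[api]
# listen ip eg. 127.0.0.1
ip = "0.0.0.0"
# disable registration endpoint
disable_registration = false
# listen port, eg. 443 for default HTTPS
port = "443"
# possible values: "letsencrypt", "letsencryptstaging", "cert", "none"
tls = "letsencryptstaging"
# only used if tls = "cert"
tls_cert_privkey = "/etc/tls/example.org/privkey.pem"
tls_cert_fullchain = "/etc/tls/example.org/fullchain.pem"
# only used if tls = "letsencrypt"
acme_cache_dir = "api-certs"
# optional e-mail address to which Let's Encrypt will send expiration notices for the API's cert
notification_email = ""
# CORS AllowOrigins, wildcards can be used
corsorigins = [
"*"
]
# use HTTP header to get the client ip
use_header = false
# header name to pull the ip address / list of ip addresses from
header_name = "X-Forwarded-For"
[logconfig]
# logging level: "error", "warning", "info" or "debug"
loglevel = "debug"
# possible values: stdout, TODO file & integrations
logtype = "stdout"
# file path for logfile TODO
# logfile = "./acme-dns.log"
# format, either "json" or "text"
logformat = "text"
EOF
}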
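# Overwrite the fetched template with the inline one above; tee echoes it to
# the terminal so the run log shows the exact config in use. DEST is quoted
# so a path containing spaces cannot split into several tee targets.
conf_print_acme-dns_config | tee "${DEST}/config/config.cfg"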
# Run Docker, this example expects that you have port = "80" in your config.cfg:
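#######################################
# Print a `docker run` command for acme-dns, one option per line.
# Arguments: $1 - optional host directory that holds config/ and data/
#                 (default: the /path/to/your placeholder, to be edited)
# Outputs:   the command on stdout
# Returns:   0
#######################################
conf_print_docker_run_acme_dns() {
  local base=${1:-/path/to/your}
  # Backslashes are doubled: in an unquoted heredoc a bare "\<newline>" is
  # a line continuation and the previous version collapsed the whole
  # command onto one line. "\\" emits a literal "\" so the saved script
  # keeps its one-option-per-line form.
  # NOTE(review): this publishes 80:80 while the config template above sets
  # port = "443"; the two must agree or the API is unreachable.
  cat <<EOF
docker run --rm --name acmedns \\
-p 53:53 \\
-p 53:53/udp \\
-p 80:80 \\
-v ${base}/config:/etc/acme-dns:ro \\
-v ${base}/data:/var/lib/acme-dns \\
-d joohoi/acme-dns
EOF
}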
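# Save the docker-run command for manual use; it is not executed here.
conf_print_docker_run_acme_dns | tee "${DEST}/docker-run_acme-dns.sh"
# Docker Compose
# Create directories: config for the configuration file, and data for the sqlite3 database.
mkdir -p "$DEST"/{config,data}
# Copy configuration template to config/config.cfg.
# Bug fix: this step previously piped the docker-run command into
# config.cfg, clobbering the acme-dns configuration written above.
conf_print_acme-dns_config | tee "${DEST}/config/config.cfg"
# Copy docker-compose.yml from the project
# -f so an HTTP error does not leave an error page in docker-compose.yml.
curl -fsSL -o "$DEST/docker-compose.yml" https://raw.githubusercontent.com/joohoi/acme-dns/master/docker-compose.yml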
# ... or create your own, as the function below does.
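#######################################
# Print a docker-compose.yml for acme-dns. Volume paths are relative to
# the directory holding the compose file (./config and ./data).
# Outputs:   YAML on stdout
# Returns:   0
#######################################
conf_print_acme_dns_docker_compose() {
  # Quoted delimiter: the text is emitted verbatim, nothing is expanded.
  # The nesting is real YAML indentation; the previous version emitted
  # every key at column 0, which is not a valid compose file.
  # The upstream `build:` stanza is left out: this script never writes a
  # Dockerfile into DEST, so a build could only fail, and the image pulled
  # at the top of the script is used instead.
  cat <<'EOF'
version: '2'
services:
  acmedns:
    image: joohoi/acme-dns:latest
    ports:
      - "443:443"
      - "53:53"
      - "53:53/udp"
      - "80:80"
    volumes:
      - ./config:/etc/acme-dns:ro
      - ./data:/var/lib/acme-dns
EOF
}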
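# Write the compose file (this replaces the upstream one fetched above).
conf_print_acme_dns_docker_compose | tee "${DEST}/docker-compose.yml"
# Edit the config/config.cfg and docker-compose.yml to suit your needs, and run docker-compose up -d.
# -f pins the project to DEST so ./config and ./data resolve next to the
# compose file; a bare `docker-compose up -d` looks in the caller's cwd,
# where no compose file exists.
docker-compose -f "${DEST}/docker-compose.yml" up -d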