Merge pull request #5 from NiiWiiCamo/combined_dockerfile

added certbot compose and auth hook
2025-07-10 14:15:14 +02:00 · 2024-07-24 13:43:00 +02:00 · 2024-07-24 13:43:00 +02:00 · 26e6de6051
commit 26e6de6051
parent be112a3592 e90f67e342
2 changed files with 43 additions and 7 deletions
--- a/auth-hook.sh
+++ b/auth-hook.sh
@ -0,0 +1,15 @@
+# ownDynDNS auth script for certbot dns-01 challenge
+
+# install curl
+$(apk --no-cache add curl)
+
+ACME_PREFIX="_acme-challenge"
+
+if [ -z "${DDNS_HOST}" ]; then DDNS_HOST=${ACME_PREFIX}; else DDNS_HOST=${ACME_PREFIX}.${DDNS_HOST}; fi
+
+PAYLOAD="force=true&user=${DDNS_USER}&password=${DDNS_PASS}&txt=${CERTBOT_VALIDATION}&domain=${DDNS_DOMAIN}&host=${DDNS_HOST}&create=true"
+
+# echo ${PAYLOAD}
+
+curl -sSL -X POST --data "${PAYLOAD}" ${DDNS_SCRIPT} \
+&& sleep 300
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -3,11 +3,11 @@ services:
    container_name: dyndns
    image: niiwiicamo/owndyndns
    environment:
-      DDNS_USER: changeme
-      DDNS_PASS: changeme
-      NETCUP_APIKEY: 12345asdf
-      NETCUP_APIPASS: asdf12345
-      NETCUP_CUSTOMERID: 01234
+      DDNS_USER: ${DDNS_USER}
+      DDNS_PASS: ${DDNS_PASS}
+      NETCUP_APIKEY: ${NETCUP_APIKEY}
+      NETCUP_APIPASS: ${NETCUP_APIPASS}
+      NETCUP_CUSTOMERID: ${NETCUP_CUSTOMERID}
      DDNS_DEBUG: 0  # optional, default: 0
      DDNS_LOG: 0  # optional, default: 1
      # DDNS_LOGFILE: log.json  # optional, default: log.json
@ -16,5 +16,26 @@ services:
      # DDNS_RESTRICTDOMAIN: 0  # optional, default: 0
      # DDNS_FORCEDDOMAIN: example.net  # optional, default empty
      # DDNS_FORCEDHOST: hostname  # optional, default empty
-    ports:
-      - 8080:8080
+    # ports:
+    #   - 8080:8080
+
+  certbot:
+    container_name: certbot
+    image: certbot/certbot
+    depends_on:
+      owndyndns:
+        condition: service_healthy
+    environment:
+      DDNS_USER: ${DDNS_USER}
+      DDNS_PASS: ${DDNS_PASS}
+      DDNS_HOST: ${DDNS_HOST}
+      DDNS_DOMAIN: ${DDNS_DOMAIN}
+      DDNS_SCRIPT: http://dyndns:8080/update.php
+      DDNS_EMAIL: ${DDNS_EMAIL} # the email used for LetsEncrypt registration
+    volumes:
+      - ./auth-hook.sh:/auth-hook.sh
+      - letsencrypt:/etc/letsencrypt
+    command: "certonly --manual --preferred-challenges=dns --agree-tos --email ${DDNS_EMAIL} --non-interactive --manual-auth-hook /auth-hook.sh -d ${DDNS_HOST}.${DDNS_DOMAIN}"
+
+volumes:
+  letsencrypt: