30 lines
957 B
30 lines
957 B
description: "Let's Encrypt server"
|
|
type: run-once
|
|
maintainer: "Valentin Lab <valentin.lab@kalysto.org>"
|
|
## XXXvlab: docker uses the 'build' directory or the 'image:' option here.
|
|
docker-image: docker.0k.io/letsencrypt
|
|
data-resources:
|
|
- /etc/letsencrypt ## yes certificates are stored here, this is data
|
|
- /var/log/letsencrypt ## logs
|
|
- /var/lib/tldextract ## latest data about TLDs, this is used by lexicon...
|
|
default-options:
|
|
renew-before-expiry: 30
|
|
|
|
provides:
|
|
cert-provider:
|
|
uses:
|
|
log-rotate:
|
|
#constraint: required | recommended | optional
|
|
#auto: pair | summon | none ## default: pair
|
|
constraint: recommended
|
|
auto: pair
|
|
solves:
|
|
disk-leak: "/var/log/letsencrypt"
|
|
#default-options:
|
|
schedule-command:
|
|
constraint: recommended
|
|
auto: summon
|
|
solves:
|
|
missing-feature: "Automatic certificate renewal"
|
|
default-options:
|
|
schedule: "30 3 * * 7" ## schedule log renewal every week
|