Skip to content

NixM0nk3y/docker-kong-letsencrypt-arm

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Based heavily on https://github.com/Stono/kong-letsencrypt converted to armhf

Kong LetsEncrypt SSL Generation

The purpose of this repository is to generate LetsEncrypt certificates using dehydrated and then post the updated certificate to a Kong api gateway.

The certificate generation is done using DNS verification rather than the .well-known folder. As a result you need to ensure that you have the correct priviledged on your GKE cluster in order to modify DNS records.

You could quite easily fork this and change this part of the script to send the certificates to something other than Kong, like some shared storage your NGINX server uses, or a Kubernetes secret used on ingress termination.

Use

You need to specify the following environment variables when running the container:

  • KONG_GATEWAY
  • CONTACT_EMAIL
  • FQDN

From there, do run locally, just do docker-compose run --rm letsencrypt.

Use on Kubernetes

As LetsEncrypt certs need periodically updating, you could run this container as a scheduled job. The following example would run this image once per month.

apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: hello
spec:
  schedule: "0 0 1 * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: letsencypt
            image: eu.gcr.io/your-project/your-image-name

About

Docker image to handle letsencrypt functions for kong

Resources

Stars

Watchers

Forks

Packages

No packages published