diff --git a/images/docker-letsencrypt.md b/images/docker-letsencrypt.md index d60d2d4e7c..682f1792df 100644 --- a/images/docker-letsencrypt.md +++ b/images/docker-letsencrypt.md @@ -45,11 +45,12 @@ docker create \ -e SUBDOMAINS=www, \ -e VALIDATION=http \ -e DNSPLUGIN=cloudflare `#optional` \ - -e DUCKDNSTOKEN= `#optional` \ - -e EMAIL= `#optional` \ + -e PROPAGATION= `#optional` \ + -e DUCKDNSTOKEN= `#optional` \ + -e EMAIL= `#optional` \ -e DHLEVEL=2048 `#optional` \ -e ONLY_SUBDOMAINS=false `#optional` \ - -e EXTRA_DOMAINS= `#optional` \ + -e EXTRA_DOMAINS= `#optional` \ -e STAGING=false `#optional` \ -p 443:443 \ -p 80:80 `#optional` \ @@ -80,11 +81,12 @@ services: - SUBDOMAINS=www, - VALIDATION=http - DNSPLUGIN=cloudflare #optional - - DUCKDNSTOKEN= #optional - - EMAIL= #optional + - PROPAGATION= #optional + - DUCKDNSTOKEN= #optional + - EMAIL= #optional - DHLEVEL=2048 #optional - ONLY_SUBDOMAINS=false #optional - - EXTRA_DOMAINS= #optional + - EXTRA_DOMAINS= #optional - STAGING=false #optional volumes: - :/config @@ -118,11 +120,12 @@ Docker images are configured using parameters passed at runtime (such as those a | `SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this _exactly_ to `wildcard` (wildcard cert is available via `dns` and `duckdns` validation only) | | `VALIDATION=http` | Letsencrypt validation method to use, options are `http`, `dns` or `duckdns` (`dns` method also requires `DNSPLUGIN` variable set) (`duckdns` method requires `DUCKDNSTOKEN` variable set, and the `SUBDOMAINS` variable must be either empty or set to `wildcard`). | | `DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `aliyun`, `cloudflare`, `cloudxns`, `cpanel`, `digitalocean`, `dnsimple`, `dnsmadeeasy`, `domeneshop`, `gandi`, `google`, `inwx`, `linode`, `luadns`, `nsone`, `ovh`, `rfc2136`, `route53` and `transip`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. | -| `DUCKDNSTOKEN=` | Required if `VALIDATION` is set to `duckdns`. Retrieve your token from https://www.duckdns.org | -| `EMAIL=` | Optional e-mail address used for cert expiration notifications. | +| `PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. | +| `DUCKDNSTOKEN=` | Required if `VALIDATION` is set to `duckdns`. Retrieve your token from https://www.duckdns.org | +| `EMAIL=` | Optional e-mail address used for cert expiration notifications. | | `DHLEVEL=2048` | Dhparams bit value (default=2048, can be set to `1024` or `4096`). | | `ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` | -| `EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org` | +| `EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org` | | `STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. | ### Volume Mappings (`-v`) @@ -212,6 +215,7 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to ## Versions +* **04.05.20:** - Allow for optionally setting propagation time for dns plugins. Add repo version of `whois` to replace the built-in busybox version. Update `jail.local` to change default fail2ban ban action to more widely supported `iptables-allports`. * **13.04.20:** - Update cloudflare.ini with token info. * **11.03.20:** - Add php7-sodium. * **06.03.20:** - Implement cert renewal attempt during container start (only if the cert is already expired or will expire within the next 24 hours, otherwise it will be attempted at 2:08am).