Hello lovely people of r/docker.
I have created an SSL/TLS certificate server that can generate certificates with Certbot/Let's Encrypt and also serve certs from third parties.
I started it last year but decided to finish it off these last couple months during lockdown downtime.
It's called [CertCache](https://github.com/93million/certcache)
These are its main features:
* Securely share TLS certificates between a number of client instances
* Generate certificates dynamically using Let's Encrypt
* Avoid Let's Encrypt usage limits by serving certificates from a cache
* Share manually downloaded TLS certificates from third parties such as Verisign
* Declaratively define certificates within config - either in a JSON config file or in `docker-compose.yml` (as demoed above)
* Generate wildcard domain certificates using DNS-01 challenges even if your DNS provider isn't supported by a Certbot plugin
To give you a taster of the operator experience - you can specify certificates in `docker-compose.yml` - e.g. like this:
To access the certs from a container like Nginx, you would do this:
Certs and keys would be made available in the Nginx container at `/etc/certcache/certs/web/fullchain.pem` and `/etc/certcache/certs/web/privkey.pem`.
Certs are fetched and installed on `docker-compose up` - and kept up to date.
Usage steps in the readme - https://github.com/93million/certcache/blob/master/README.md
Docker Hub: https://hub.docker.com/r/93million/certcache
Currently it only supports generation using Certbot but I can add support for acme.sh if there is demand.
Happy Friday everyone!
Edit: thank you for the gold kind Redditor
(also edit yaml syntax)