CloudFlare DNS Challenge #151
Adds LETSENCRYPT CLOUDFLARE DNS CHALLENGE
.env file to configure Cloudflare DNS challenge
Add your domain to have a wildcard cert generated
Added letsencrypt-dns Service
Docker Image for build 1 is available on DockerHub as |
Sorry to be a bit of a dunce here... but after adding the LE docker and the conf and Env configured... how do I utilize this? |
Any status on this PR? This would be a great addition IMO. |
@jodfie makes a good point, I'd be happier to merge this if there was a new readme file in the |
Also, please change this PR to the |
Hey @OhHeyAlan, can you make these changes? Would love to see this committed. |
Bumping this again to ask @OhHeyAlan if he can correct this so it can be implemented and also how to set it up?... |
@jc21 is there any chance this will be merged or re-implemented soon? DNS-Challenge would be awesome, as a lot of us don't publish our Proxy as it is part of our home/internal network. |
I've been checking this PR. It only adds the necessary code to launch another container to do the DNS-Challenge and to download the certificates, but it doesn't add any value to NPM itself using the app as the certificate manager using DNS Challenge. We can already download the certificates in multiple ways using external tools (the container used in this PR, acme.sh, certbot installed locally...), which is what this PR is doing. I've also been checking the NPM repo and, if I could follow the code properly (I'm not a Node/JavaScript person), I've not seen an automatic way to import .pem/.crt & .key from a directory. Maybe, if there were a way to do it, this PR (or other tools) could work, as we could share/use volumes to share the data between the certificates downloader and NPM. Is there a way to import certificates from a directory? |
No, there isn't a way to do this - but a bash script that curls the NPM API would be enough to add or update certs. But yes, I agree, adding another container to the stack doesn't really solve the root cause: the interface and flow don't support DNS challenges well at all. |
Not sure how to route the certs to the backend of Nginx-Proxy-Manager but I can confirm that running this stack will allow LetsEncrypt/CertBot to do a DNS challenge via CloudFlare for wildcard certs.