Add Let's encrypt addon (#2)

* Add Let's encrypt addon * fix copy past stuff * Update README.md * Update config.json * Update config.json * Update README.md * Update script * finish first version * update description
2025-12-17 21:24:20 +01:00 · 2017-04-22 23:29:25 +02:00
parent 8fe4e95774
commit dc1c0e6579
4 changed files with 86 additions and 0 deletions
--- a/letsencrypt/Dockerfile
+++ b/letsencrypt/Dockerfile
@@ -0,0 +1,14 @@
+FROM %%BASE_IMAGE%%
+
+# Add version
+ENV VERSION %%VERSION%%
+ENV LANG C.UTF-8
+
+# Setup base
+RUN apk add --no-cache jq git python
+
+# Copy data
+COPY run.sh /
+RUN chmod 775 /run.sh
+
+CMD [ "/run.sh" ]
--- a/letsencrypt/README.md
+++ b/letsencrypt/README.md
@@ -0,0 +1,9 @@
+# Let's Encrypt
+Manage let's encrypt certificate for HomeAssistant and HassIO addons.
+
+First run generate certificates and next run of addon will renew it. You can automate the renew with HomeAssistant automation and call hassio.addon_start.
+
+## Options
+
+- `email`: your email address for register
+- `domains`: a list with domains
--- a/letsencrypt/config.json
+++ b/letsencrypt/config.json
@@ -0,0 +1,24 @@
+{
+  "name": "Let's Encrypt",
+  "version": "0.1",
+  "slug": "letsencrypt",
+  "description": "Manage let's encrypt certificate",
+  "startup": "once",
+  "boot": "manual",
+  "ports": {
+    "80/tcp": 80
+   },
+  "map_ssl": true,
+  "options": {
+    "email": null,
+    "domains": [null],
+    "certfile": "fullchain.pem",
+    "keyfile": "keyfile.pem"
+  },
+  "schema": {
+    "email": "email",
+    "domain": ["str"],
+    "certfile": "str",
+    "keyfile": "str"
+  }
+}
--- a/letsencrypt/run.sh
+++ b/letsencrypt/run.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+set -e
+
+CERT_DIR=/data/letsencrypt
+WORK_DIR=/data/workdir
+CONFIG_PATH=/data/options.json
+
+EMAIL=$(jq --raw-output ".email" $CONFIG_PATH)
+DOMAINS=$(jq --raw-output ".domains[]" $CONFIG_PATH)
+KEYFILE=$(jq --raw-output ".keyfile" $CONFIG_PATH)
+CERTFILE=$(jq --raw-output ".certfile" $CONFIG_PATH)
+
+# setup letsencrypt setup
+if [ ! -f /data/certbot-auto ]; then
+    cd /data
+    curl -O https://dl.eff.org/certbot-auto
+    chmod 775 certbot-auto
+fi
+
+# Start program
+if [ -d $CERT_DIR ]; then
+    /data/certbot-auto renew --non-interactive --config-dir $CERT_DIR --work-dir $WORK_DIR
+else
+    # generate domains
+    while IFS=$'\n' read -r line; do
+        if [ -z "$DOMAIN_ARG" ]; then
+            DOMAIN_ARG="-d $line"
+        else
+            DOMAIN_ARG="$DOMAIN_ARG -d $line"
+        fi
+    done <<< "$DOMAINS"
+
+    /data/certbot-auto certonly --non-interactive --standalone --email $EMAIL --config-dir $CERT_DIR --work-dir "$DOMAIN_ARG"
+fi
+
+# copy certs to store
+cp /data/letsencrypt/live/*/privkey.pem /ssl/KEYFILE
+cp /data/letsencrypt/live/*/fullchain.pem /ssl/CERTFILE