Skip to content

Add support for expand #21

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add support for expand #21

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
840a18a
Add support for expand
henti-smith-oxa May 10, 2025
29fbf36
Update docs and Dockerfile
henti-smith-oxa May 10, 2025
63f1e6e
Enhance README and Dockerfile; deprecate CERTBOT_EXPAND
jaydrogers Sep 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,9 @@ The following environment variables can be used to customize the Certbot contain

| Variable | Description | Default Value |
|------------------------|---------------------------------------------------------------------|---------------|
| `CERTBOT_DOMAINS` | Comma-separated list of domains for which to obtain the certificate | - |
| `CERTBOT_DOMAINS` | Comma-separated list of domains for which to obtain the certificate (example: `example.com,www.example.com`) | - |
| `CERTBOT_CERT_NAME` | Explicit certificate name to update/modify ([See official docs →](https://eff-certbot.readthedocs.io/en/stable/using.html#changing-a-certificate-s-domains)) | - |
| `CERTBOT_EXPAND` | **DEPRECATED**: Expand existing certificate to add domains (use CERTBOT_CERT_NAME instead, [see official docs →](https://eff-certbot.readthedocs.io/en/stable/using.html#re-creating-and-updating-existing-certificates)) | `false` |
| `CERTBOT_EMAIL` | Email address for Let's Encrypt notifications | - |
| `CERTBOT_KEY_TYPE` | Type of private key to generate | `ecdsa` |
| `CERTBOT_SERVER` | The ACME server URL | `https://acme-v02.api.letsencrypt.org/directory` |
Expand Down
2 changes: 2 additions & 0 deletions src/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ ARG CERTBOT_GID=9999

ENV CERTBOT_DOMAINS="" \
CERTBOT_EMAIL="" \
CERTBOT_EXPAND=false \
CERTBOT_CERT_NAME="" \
CERTBOT_KEY_TYPE="ecdsa" \
CERTBOT_SERVER="https://acme-v02.api.letsencrypt.org/directory" \
CLOUDFLARE_API_TOKEN="" \
Expand Down
13 changes: 12 additions & 1 deletion src/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,16 @@ run_certbot() {
debug_flag=""
[ "$DEBUG" = "true" ] && debug_flag="-v"

# Build additional certbot flags using positional parameters
set -- # Reset positional parameters

if [ -n "$CERTBOT_CERT_NAME" ]; then
set -- "$@" --cert-name "$CERTBOT_CERT_NAME"
elif [ "$CERTBOT_EXPAND" = "true" ]; then
set -- "$@" --expand
fi

# Run certbot command
$certbot_cmd $debug_flag certonly \
--dns-cloudflare \
--dns-cloudflare-credentials "$CLOUDFLARE_CREDENTIALS_FILE" \
Expand All @@ -115,7 +125,8 @@ run_certbot() {
--server "$CERTBOT_SERVER" \
--agree-tos \
--non-interactive \
--strict-permissions
--strict-permissions \
"$@"
exit_code=$?
if [ $exit_code -ne 0 ]; then
echo "Error: certbot command failed with exit code $exit_code"
Expand Down