mirror
/
docker-documentation
kopia lustrzana https://github.com/linuxserver/docker-documentation
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Bot Updating Documentation

pull/268/head
LinuxServer-CI 2024-12-01 23:13:33 +00:00
rodzic 4e0add78fc
commit fcfc336f38
Nie znaleziono w bazie danych klucza dla tego podpisu
1 zmienionych plików z 12 dodań i 7 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

19
docs/images/docker-swag.md
Wyświetl plik

@ -47,7 +47,7 @@ The architectures supported by this image are:
1. Certs that only cover your main subdomain (ie. `yoursubdomain.duckdns.org`, leave the `SUBDOMAINS` variable empty)
2. Certs that cover sub-subdomains of your main subdomain (ie. `*.yoursubdomain.duckdns.org`, set the `SUBDOMAINS` variable to `wildcard`)
* `--cap-add=NET_ADMIN` is required for fail2ban to modify iptables
* After setup, navigate to `https://yourdomain.url` to access the default homepage (http access through port 80 is disabled by default, you can enable it by editing the default site config at `/config/nginx/site-confs/default.conf`).
* After setup, navigate to `https://example.com` to access the default homepage (http access through port 80 is disabled by default, you can enable it by editing the default site config at `/config/nginx/site-confs/default.conf`).
* Certs are checked nightly and if expiration is within 30 days, renewal is attempted. If your cert is about to expire in less than 30 days, check the logs under `/config/log/letsencrypt` to see why the renewals have been failing. It is recommended to input your e-mail in docker parameters so you receive expiration notices from Let's Encrypt in those circumstances.
### Certbot Plugins
@ -130,6 +130,10 @@ Please follow the instructions [on this blog post](https://www.linuxserver.io/bl
To help you get started creating a container from this image you can either use docker-compose or the docker cli.
!!! info
Unless a parameter is flaged as 'optional', it is *mandatory* and a value must be provided.
### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose))
```yaml
@ -144,7 +148,7 @@ services:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- URL=yourdomain.url
- URL=example.com
- VALIDATION=http
- SUBDOMAINS=www, #optional
- CERTPROVIDER= #optional
@ -171,7 +175,7 @@ docker run -d \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e URL=yourdomain.url \
-e URL=example.com \
-e VALIDATION=http \
-e SUBDOMAINS=www, `#optional` \
-e CERTPROVIDER= `#optional` \
@ -196,8 +200,8 @@ Containers are configured using parameters passed at runtime (such as those abov
| Parameter | Function |
| :----: | --- |
| `443` | Https port |
| `80` | Http port (required for http validation and http -> https redirect) |
| `443:443` | HTTPS port |
| `80:80` | HTTP port (required for HTTP validation and HTTP -> HTTPS redirect) |
### Environment Variables (`-e`)
@ -206,7 +210,7 @@ Containers are configured using parameters passed at runtime (such as those abov
| `PUID=1000` | for UserID - see below for explanation |
| `PGID=1000` | for GroupID - see below for explanation |
| `TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
| `URL=yourdomain.url` | Top url you have control over (`customdomain.com` if you own it, or `customsubdomain.ddnsprovider.com` if dynamic dns). |
| `URL=example.com` | Top url you have control over (e.g. `example.com` if you own it, or `customsubdomain.example.com` if dynamic dns). |
| `VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
| `SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
| `CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
@ -214,7 +218,7 @@ Containers are configured using parameters passed at runtime (such as those abov
| `PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
| `EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
| `ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
| `EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org` |
| `EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `example.net,subdomain.example.net,*.example.org` |
| `STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. |
### Volume Mappings (`-v`)
@ -227,6 +231,7 @@ Containers are configured using parameters passed at runtime (such as those abov
| Parameter | Function |
| :-----: | --- |
| `--cap-add=NET_ADMIN` | Required for fail2Ban to be able to modify iptables rules. |
### Portainer notice