haproxy image will:
Create a self signed default certificate, so HAproxy can start before we
have any real certificates.
/etc/letsencrypt/livedirectory and when changes are detected,
install combined certificates and reload HAproxy.
letsencrypt image will:
- Automatically create or renew certificates on startup and daily thereafter.
In your stack file:
Link to the
letsencryptservice from the
volumes_from: letsencryptin the
DOMAINSenvironment variable in the
Certificates are separated by semi-colon (;) and domains are separated by
will be used for all certificates.
OPTIONSenvironment variable in the
you want to pass additional arguments to
Several environment variables are hard coded, and don't need to be defined in
your stack file:
DEFAULT_SSL_CERTenvironment variable is set to the value of the
default/first Let's Encrypt certificate (if not already explicitly set),
to ensure SSL termination is enabled.
VIRTUAL_HOST_WEIGHTenvironment variables are hard
coded in the
letsencryptimage, to ensure challenge requests for all
domains are proxied to the
A sample stack file is provided.