github-repos/acme.sh
1
0
Fork 0
mirror of https://github.com/acmesh-official/acme.sh.git synced 2025-03-24 18:40:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

documented new hook multideploy

tomo 2025-03-01 13:20:39 +01:00
parent 97fccc034f
commit 9fbec7b490
1 changed files with 76 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
deployhooks.md

@ -1123,5 +1123,79 @@ Although these notes only mention Unleashed, the deploy hook also supports Rucku
## 36. Deploying to multiple services with the same hooks
> [!WARNING]
> Pending changes from PR [#6241](https://github.com/acmesh-official/acme.sh/pull/6241)! The Wiki will be updated soon.
Multideploy allows you to simultaneously deploy your certificates to multiple services, even those that use the same hook. To be able to use this hook, issue a cert and create a new file `multideploy.yaml` in the directory of the certificate. This must contain a version, the services for which your certificate is to be deployed and configurations that specify which services are to be used. Configurations allow you to group services, which makes it easier to deploy your certificate at once.
### Compatibility
| **acme.sh version** | **multideploy version** | **Pull request status** |
|---------------------|-------------------------|------------------------ |
| <= 3.1.0 | not supported | |
| dev | 1.0 | ![GitHub issue/pull request detail](https://img.shields.io/github/pulls/detail/state/acmesh-official/acme.sh/6241?style=flat-square&label=Pending%20changes) |
<details>
<summary>Version 1.0
</summary>
* Basic configuration of services and configurations.
* Allows multiple configurations that can contain multiple services.
```yaml
version: 1.0
configs:
- name: "default"
services:
- "YOUR_SERVICE"
services:
- name: "YOUR_SERVICE"
hook: "YOUR_HOOK"
environment:
- ENV_TO_EXPORT: "YOUR_CONTENT"
```
</details>
### Example `multideploy.yaml` for three docker containers:
```yaml
# check your acme.sh version in wiki!
version: 1.0
configs:
- name: "default"
services:
- "traefik"
- "adguardhome"
- "technitium-dns"
services:
- name: "traefik"
hook: "docker"
environment:
- DEPLOY_DOCKER_CONTAINER_LABEL: "sh.acme.autoload.service=traefik"
- DEPLOY_DOCKER_CONTAINER_KEY_FILE: "/certs/$DOMAIN_DIR/key.pem",
- DEPLOY_DOCKER_CONTAINER_CERT_FILE: "/certs/$DOMAIN_DIR/cert.pem",
- DEPLOY_DOCKER_CONTAINER_CA_FILE: "/certs/$DOMAIN_DIR/ca.pem",
- DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE: "/certs/$DOMAIN_DIR/fullchain.pem"
- name: "adguardhome"
hook: "docker"
environment:
- DEPLOY_DOCKER_CONTAINER_LABEL: "sh.acme.autoload.service=dns01"
- DEPLOY_DOCKER_CONTAINER_KEY_FILE: "/opt/adguardhome/work/data/encryption/$DOMAIN_DIR/key.pem"
- DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE: "/opt/adguardhome/work/data/encryption/$DOMAIN_DIR/fullchain.pem"
- name: "technitium-dns"
hook: "docker"
environment:
- DEPLOY_DOCKER_CONTAINER_LABEL: "sh.acme.autoload.service=dns02"
- DEPLOY_DOCKER_CONTAINER_PFX_FILE: "/etc/dns/certs/$DOMAIN_DIR.pfx"
```
`$DOMAIN_DIR` is a provided variable that contains the name of the directory your certificate was created in. You can use this while deploying your certificate to services. This is helpful if you deploy more than one certificate to the same service.
The Configuration `default` should always exist! If you want to have multiple configurations, you can specify which to use with `MULTIDEPLOY_CONFIG`.
```sh
export MULTIDEPLOY_CONFIG="default"
acme.sh --deploy -d example.com --deploy-hook multideploy
```
If no config is exported, the hook will always look for the config `default`!
### Bug reporting / feature request
Create a new issue and mention @tomo2403 to get help. Currently, there is no other contributor for this hook.