I am planning to migrate from nginx proxy manager to Sentinel and would like to have a proper integration of certbot into the Docker Compose setup of Sentinel. Are you planning to have support for Let's Encrypt with a deeper integration into Sentinel in the future?

`services: auth-agent: echo-agent: certbot: volumes: networks:`

`listeners { routes { } upstreams {`

Cheers,
Peter
Replies: 2 comments 3 replies
Hi Peter,

Thanks so much for your interest in Sentinel - it's awesome to see someone planning a migration from nginx-proxy-manager! Your timing is actually perfect: built-in ACME/Let's Encrypt support literally just landed yesterday in version

Before diving in, I want to be upfront: we're still in early development, so things might be a bit bumpy here and there. That said, we'd be thrilled to have you as one of our first real-world adopters! Your feedback would be invaluable in helping us smooth out the experience for everyone who comes after you. Please don't hesitate to report any issues or rough edges you encounter - we're here to help and genuinely want to make this work well for you.

Here's how the new ACME integration works:

1. Simplified Docker Compose (no certbot needed):

```yaml
services:
  sentinel:
    image: ghcr.io/raskell-io/sentinel:26.01_6 # or :latest
    ports:
      - "80:8080" # Needed for HTTP-01 challenges
      - "443:8443"
      - "9090:9090"
    volumes:
      - ./config:/etc/sentinel:ro
      - acme-data:/var/lib/sentinel/acme # Persistent cert storage
      - sockets:/var/run/sentinel
    networks:
      - sentinel
      - backend
volumes:
  sockets:
  acme-data: # Persists certificates across restarts
```

2. Updated KDL Configuration:

```kdl
listeners {
    // HTTP listener for ACME challenges (required for HTTP-01)
    listener "http" {
        address "0.0.0.0:8080"
        protocol "http"
    }
    listener "https" {
        address "0.0.0.0:8443"
        protocol "https"
        tls {
            acme {
                email "your-email@example.com"
                domains "cloud.home.lan" "oh.home.lan" "grafana.home.lan"
                staging false // Set to true for testing first!
                storage "/var/lib/sentinel/acme"
                renew-before-days 30
            }
        }
    }
}
```

A few things to keep in mind:

If you run into any snags or have questions along the way, just drop them here or open an issue. I am happy to help you get up and running!

Cheers,
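A pre-flight lint for an `acme` block like the one in the reply above, added here as an example (not Sentinel code and not part of the original posts): it flags names that an HTTP-01 order against a public CA cannot satisfy, namely wildcards (which need DNS-01) and names under private or special-use suffixes. The regex extraction stands in for a real KDL parser, the suffix list is a constructed, non-exhaustive assumption, and `example.org` stands in for a real public domain.

```python
import re

# Special-use names (RFC 6761/6762/8375) plus ".lan" and ".internal", common
# private-network conventions. Constructed list, not exhaustive.
NON_PUBLIC_SUFFIXES = (".lan", ".local", ".internal", ".home.arpa",
                       ".localhost", ".test", ".invalid", ".example")

# Constructed sample modelled on the acme block shown in the reply above.
SAMPLE_KDL = '''
listener "https" {
    tls {
        acme {
            email "your-email@example.com"
            domains "cloud.home.lan" "*.example.org" "grafana.example.org"
            staging false // Set to true for testing first!
        }
    }
}
'''

def parse_acme(kdl):
    """Pull domains and the staging flag out of an acme { } block (regex, not a KDL parser)."""
    block = re.search(r"\bacme\s*\{(.*?)\}", kdl, re.S)
    if block is None:
        raise ValueError("no acme block found")
    body = block.group(1)
    line = re.search(r"^\s*domains\b(.*)$", body, re.M)
    domains = re.findall(r'"([^"]+)"', line.group(1)) if line else []
    staging = re.search(r"^\s*staging\s+(true|false)\b", body, re.M)
    return domains, bool(staging and staging.group(1) == "true")

def lint_acme(kdl):
    """Return (item, finding) pairs for names HTTP-01 against a public CA cannot serve."""
    domains, staging = parse_acme(kdl)
    findings = []
    for name in domains:
        host = name.lower().rstrip(".")
        if host.startswith("*."):
            findings.append((name, "wildcard: needs DNS-01, HTTP-01 cannot validate it"))
        elif "." not in host or host.endswith(NON_PUBLIC_SUFFIXES):
            findings.append((name, "not a public DNS name: a public CA cannot validate it"))
    if findings and not staging:
        findings.append(("staging", "false: failed validations count against production rate limits"))
    return findings

if __name__ == "__main__":
    for item, finding in lint_acme(SAMPLE_KDL):
        print(f"{item}: {finding}")
```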
Very cool, please keep on doing the great work.
I just recognized that you already have wildcard certificate support.
I do have a Cloudflare DNS API token, how would a sample configuration of the webhook look for this?

```json
{"token": "my_cloudflare_dns_api_token"}
```

Thanks