module
Version:
v0.1.5
Opens a new window with list of versions in this module.
Published: Dec 5, 2023
License: BSD-3-Clause
Opens a new window with license information.
README
¶
certdeploy
All-in-one BYOC (Bring Your Own Certificates) solution for CDN services, help you to deploy
SSL (HTTPS) certificates automatically to CDN services.
Supported deployers
CDN Providers
- Aliyun (CDN)
- Upyun (CDN)
- Tencent Cloud (CDN)
- UDomain (CDN)
- Volc Engine (CDN and DCDN)
Deploys to all CDN domains which matched by given certificate.
Azure KeyVault
Updates all certificates in specified KeyVault, if and only if all domains in existing
certificate are covered by given certificate.
Environment Variables
CERT_PATH
- Certificate file path, should contain certificate and all intermediate certificates. LEGO_CERT_PATH
is also supported.
CERT_KEY_PATH
- Certificate key file path, should contain private key for certificate. LEGO_CERT_KEY_PATH
is also supported.
CERT_DEPLOYER
- Deployer vendor. Default: aliyun
Aliyun deployer
CERT_DEPLOYER
- aliyun
ALIYUN_ACCESS_KEY_ID
- Access key ID for aliyun CDN. User should have AliyunCDNFullAccess
permission.
ALIYUN_ACCESS_KEY_SECRET
- Access key secret for aliyun CDN.
ALIYUN_CERT_UPDATE_ONLY
- If true
, only certs for CDN domains with SSL enabled will be updated. Default: false
ALIYUN_CERT_RESOURCE_GROUP
- If given, only certs for domains under this resource group will be updated. Default: (empty)
Upyun deployer
CERT_DEPLOYER
- upyun
UPYUN_USERNAME
- Upyun login username
UPYUN_PASSWORD
- Upyun login password. 2FA is not supported now.
Tencent Cloud deployer
CERT_DEPLOYER
- tencentcloud
TENCENTCLOUD_SECRET_ID
- Secret ID for tencent cloud.
TENCENTCLOUD_SECRET_KEY
- Secret Key for tencent cloud.
TENCENTCLOUD_CERT_UPDATE_ONLY
- If true
, only certs for CDN domains with SSL enabled will be updated. Default: false
UDomain deployer
Volc Engine deployer
Required ACL policy
{
"Statement": [{
"Effect": "Allow",
"Action": [
"dcdn:ListCertBind",
"dcdn:CreateCertBind",
"CDN:AddCdnCertificate",
"CDN:DescribeCertConfig",
"CDN:BatchDeployCert"
],
"Resource": ["*"]
}]
}
CERT_DEPLOYER
- volc
VOLC_ACCESS_KEY_ID
- Access Key ID.
VOLC_SECRET_ACCESS_KEY
- Secret Access Key.
VOLC_DEPLOY_TARGETS
- cdn
, dcdn
, cdn,dcdn
(default)
Azure KeyVault deployer
Click to show internal directories.
Click to hide internal directories.