Merge pull request #385 from mailcow/dev

Ability to skip LE with a config parameter

data/Dockerfiles/acme/docker-entrypoint.sh

@@ -1,5 +1,11 @@
 #!/bin/bash
 
+if [[ ! "${SKIP_LETS_ENCRYPT}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+    echo "Skipping Let's Encrypt..."
+    exit 0
+fi
+
+
 ACME_BASE=/var/lib/acme
 SSL_EXAMPLE=/var/lib/ssl-example
 mkdir -p ${ACME_BASE}/acme/private

docker-compose.yml

@@ -284,20 +284,19 @@ services:
     acme-mailcow:
       depends_on:
         - nginx-mailcow
-      image: mailcow/acme:1.0
+      image: mailcow/acme:1.1
       build: ./data/Dockerfiles/acme
       dns:
         - 172.22.1.254
       dns_search: mailcow-network
-      # All domains to be included in the certificate
       environment:
         - CONTAINERS_RESTART=mailcowdockerized_postfix-mailcow_1 mailcowdockerized_dovecot-mailcow_1 mailcowdockerized_nginx-mailcow_1
-        # Additional subject alternate names
         - ADDITIONAL_SAN=${ADDITIONAL_SAN}
         - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
         - DBNAME=${DBNAME}
         - DBUSER=${DBUSER}
         - DBPASS=${DBPASS}
+        - SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
       volumes:
         - ./data/web/.well-known/acme-challenge:/var/www/acme:rw
         - ./data/assets/ssl:/var/lib/acme/:rw

generate_config.sh

@@ -78,6 +78,10 @@ COMPOSE_PROJECT_NAME=mailcow-dockerized
 # Additional SAN for the certificate
 ADDITIONAL_SAN=
 
+# To never run acme-mailcow for Let's Encrypt, set this to y
+SKIP_LETS_ENCRYPT=n
+
+
 EOF
 
 mkdir -p data/assets/ssl