This program's purpose is to handle SIGHUP'ing docker container
processes that have a org.eff.certbot.cert_cns label value matching
the supplied string.
The name is a munging together of host, label, SIGHUP and Docker container; with host coming from hostname, el being 2 letters from label, hup being from SIGHUP and tainer being from container.
Installation of this program is quite easy, as it only has one external dependency, and this program includes this dependency in its setup.py file.
That said, there are 3 ways that you can install this program;
-
You can also install this program from a clone of the source repository, as so (remember, if you want to modify the source code without re-installing, pass the
-eflag to PIP):pip install . -
You can also use a pre-built Docker image from the Docker Hub by pulling the image like so:
docker pull jitsusama/hostel-huptainer -
Finally, you can build a Docker image from a clone of the source repository like so:
docker build -t jitsusama/hostel-huptainer .
This program relies on the CERTBOT_HOSTNAME environment variable
being present upon invocation, as it's meant to be called somewhere
downstream of a certbot program engaging with a manual-auth-hook or
manual-cleanup-hook invocation.
I developed this program to be used in conjunction with the lets-do-dns
program. With this in mind, I envision this program primarily being
called by lets-do-dns via the LETS_DO_POSTCMD environment variable
being passed to it.
Here's an example of using this program directly:
CERTBOT_HOSTNAME=myhost.mydomain.com \
hostel-huptainerBy default hostel-huptainer will reload matching containers by sending
them a SIGHUP signal. You can override this default by passing the
--signal or -s option and specifying either reload (SIGHUP)
or restart (SIGINT followed by process relaunch) like so:
CERTBOT_HOSTNAME=myhost.mydomain.com \
hostel-huptainer --signal restartHere's an example of how you can use this program via certbot/lets-do-dns:
DO_APIKEY=super-secret-key \
DO_DOMAIN=mydomain.com \
LETS_DO_POSTCMD=hostel-huptainer \
certbot certonly --manual -d myhostname.mydomain.com \
--preferred-challenges dns \
--manual-auth-hook lets-do-dns \
--manual-cleanup-hook lets-do-dnsWhen using via certbot/lets-do-dns, you can simply invoke certbot like so when performing a certificate renewal and it will call hostel-huptainer only when a renewal is required:
DO_APIKEY=super-secret-key \
DO_DOMAIN=mydomain.com \
LETS_DO_POSTCMD=hostel-huptainer \
certbot renewHere's an example of how you can use this program from Docker when you pulled the image from the Docker Hub:
docker run -v "$(pwd)/my-cert-dir:/etc/letsencrypt" \
-v "/var/run/docker.sock:/var/run/docker.sock" \
-e "DO_APIKEY=super-secret-key" \
-e "DO_DOMAIN=mydomain.com" \
-e "LETS_DO_POSTCMD=hostel-huptainer" \
jitsusama/hostel-huptainer \
certonly --manual -d myhostname.mydomain.com \
--preferred-challenges dns \
--manual-auth-hook lets-do-dns \
--manual-cleanup-hook lets-do-dnsWhen using via certbot/lets-do-dns, you can simply invoke certbot like so when performing a certificate renewal and it will call hostel-huptainer only when a renewal is required:
docker run -v "$(pwd)/my-cert-dir:/etc/letsencrypt" \
-v "/var/run/docker.sock:/var/run/docker.sock" \
-e "DO_APIKEY=super-secret-key" \
-e "DO_DOMAIN=mydomain.com" \
-e "LETS_DO_POSTCMD=hostel-huptainer" \
jitsusama/hostel-huptainer \
certbot renew