This container is used to generate and automatically renew SSL certificates from Let's Encrypt using the Cloudflare DNS plugin. It's based off the official Certbot image with some modifications to make it more flexible and configurable.
Docker Image | Size |
---|---|
serversideup/certbot-dns-cloudflare |
The image is based on certbot/dns-cloudflare:latest
, providing a stable and up-to-date environment for running Certbot with Cloudflare DNS authentication.
- Automatic SSL certificate generation and renewal using Let's Encrypt
- No configs needed, this image generates the cloudflare.ini file for you
- Cloudflare DNS authentication for domain validation
- Customizable configuration via environment variables
- Periodic certificate renewal checks
- Windows support (set
REPLACE_SYMLINKS
totrue
) - Native Docker health checks to ensure the server is running
We designed this image to work great in orchestrated deployments like Kubernetes, Docker Swarm, or even in Github Actions. Look how simple the syntax is:
certbot:
image: serversideup/certbot-dns-cloudflare
volumes:
- certbot_data:/etc/letsencrypt
environment:
CLOUDFLARE_API_TOKEN: "${CLOUDFLARE_API_TOKEN}"
CERTBOT_EMAIL: "${CERTBOT_EMAIL}"
CERTBOT_DOMAINS: "${CERTBOT_DOMAINS}"
CERTBOT_KEY_TYPE: "rsa"
volumes:
certbot_data:
The following environment variables can be used to customize the Certbot container:
Variable | Description | Default Value |
---|---|---|
CERTBOT_DOMAINS |
Comma-separated list of domains for which to obtain the certificate | - |
CERTBOT_EMAIL |
Email address for Let's Encrypt notifications | - |
CERTBOT_KEY_TYPE |
Type of private key to generate | ecdsa |
CLOUDFLARE_API_TOKEN |
Cloudflare API token for DNS authentication (see below how to create one) | - |
DEBUG |
Enable debug mode (prints more information to the console) | false |
PUID |
The user ID to run certbot as | 0 |
PGID |
The group ID to run certbot as | 0 |
RENEWAL_INTERVAL |
Interval between certificate renewal checks. Set to 0 to disable renewals and only run once. |
43200 seconds (12 hours) |
REPLACE_SYMLINKS |
Replaces symlinks with direct copies of the files they reference (required for Windows) | false |
Warning
Treat this token like a password. It will grant access to your Cloudflare account and can be used to modify DNS records.
- Go to the Cloudflare API Tokens page.
- Click on "Create Token".
- Click "Use template" for the "Edit Zone DNS" template.
- Change the token name (optional)
- Set a specific zone under "Zone Resources" (optional)
- Click on "Continue to summary".
- Click on "Create Token".
-
Pull the Docker image:
docker pull serversideup/certbot-dns-cloudflare:latest
-
Run the container with the required environment variables:
Caution
Make sure to replace the -v /path/to/your/certs:/etc/letsencrypt
with a valid path on your host machine.
docker run \
-e CERTBOT_DOMAINS="yourdomain.com" \
-e CERTBOT_EMAIL="[email protected]" \
-e CLOUDFLARE_API_TOKEN="your-cloudflare-api-token" \
-v /path/to/your/certs:/etc/letsencrypt \
serversideup/certbot-dns-cloudflare:latest
- The container will automatically generate and renew the certificate.
- Discord for friendly support from the community and the team.
- GitHub for source code, bug reports, and project management.
- Get Professional Help - Get video + screen-sharing help directly from the core contributors.
As an open-source project, we strive for transparency and collaboration in our development process. We greatly appreciate any contributions members of our community can provide. Whether you're fixing bugs, proposing features, improving documentation, or spreading awareness - your involvement strengthens the project.
- Bug Report: If you're experiencing an issue while using these images, please create an issue.
- Security Report: Report critical security issues via our responsible disclosure policy.
Need help getting started? Join our Discord community and we'll help you out!
All of our software is free an open to the world. None of this can be brought to you without the financial backing of our sponsors.
No bronze sponsors yet. Become a sponsor →We're Dan and Jay - a two person team with a passion for open source products. We created Server Side Up to help share what we learn.
- 📖 Blog - Get the latest guides and free courses on all things web/mobile development.
- 🙋 Community - Get friendly help from our community members.
- 🤵♂️ Get Professional Help - Get video + screen-sharing support from the core contributors.
- 💻 GitHub - Check out our other open source projects.
- 📫 Newsletter - Skip the algorithms and get quality content right to your inbox.
- 🐥 Twitter - You can also follow Dan and Jay.
- ❤️ Sponsor Us - Please consider sponsoring us so we can create more helpful resources.
If you appreciate this project, be sure to check out our other projects.
- The Ultimate Guide to Building APIs & SPAs: Build web & mobile apps from the same codebase.
- Building Multi-Platform Browser Extensions: Ship extensions to all browsers from the same codebase.
- Bugflow: Get visual bug reports directly in GitHub, GitLab, and more.
- SelfHost Pro: Connect Stripe or Lemonsqueezy to a private docker registry for self-hosted apps.
- AmplitudeJS: Open-source HTML5 & JavaScript Web Audio Library.
- Spin: Laravel Sail alternative for running Docker from development → production.
- Financial Freedom: Open source alternative to Mint, YNAB, & Monarch Money.