The following command leads to a series of reasonable prompts for information such as company information, contact info, etc... I'd like to be able to run it but pass that information as either parameters or a config file but I can't find out how from the docs (https://certbot.eff.org/docs/using.html#command-line-options). Any ideas?
letsencrypt certonly \
--webroot -w /letsencrypt/challenges/ \
--text --renew-by-default --agree-tos \
$domain_args \
--email=$EMAIL
Note that I am not trying to renew but to generate fresh new certificates.
Thank you
When using ployst/letsencrypt the initial certificate creation can be done using their internal scripts. Those scripts already pass all the right arguments to make this an automated process and not an interactive one. The documentation has the following two steps that both create the certificate and apply it as a secret.
If your environment variables are already set properly, you don't even have to pass -c 'EMAIL=.... etc.
Generate a new set of certs
Once this container is running you can generate new certificates using:
kubectl exec -it <pod> -- bash -c 'EMAIL=fred@fred.com DOMAINS=example.com foo.example.com ./fetch_certs.sh'Save the set of certificates as a secret
kubectl exec -it <pod> -- bash -c 'DOMAINS=example.com foo.example.com ./save_certs.sh'
You should pass the --noninteractive flag to letsencrypt. According to the document that you linked to, that will produce an error telling you which other flags are necessary.