| .onedev-buildspec.yml | Loading last commit info... | |
| Dockerfile | ||
| README.md | ||
| acme2s3.sh |
README.md
acme2s3
A small container tool to watch acme.json (used by Traefik) and push TLS certificates to an S3-compatible bucket (e.g., MinIO). Supports multi-domain export and optional immediate sync at startup.
Required Environment Variables
| Variable | Description |
|---|---|
DOMAINS | Comma-separated list of domains to extract and upload |
MC_ACCESS_KEY | S3 access key (from MinIO user) |
MC_SECRET_KEY | S3 secret key |
MC_HOST | S3 host URL including optional port (e.g. minio.example.com:9000) |
MC_PROTOCOL | Protocol to connect to S3 (http or https, default: https) |
ACME_FILE | Path to acme.json (default: /data/acme.json) |
BUCKET_PATH | S3 bucket path where certs will be uploaded (default: traefik) |
FORCE_PUSH_ON_START | If true, certificates are extracted and uploaded once immediately when the container starts |
Usage
Set the environment variables accordingly and run the container. The container will watch the specified acme.json file for changes and automatically extract and push certificates to the configured S3 bucket.
If FORCE_PUSH_ON_START is enabled, the certificates are pushed once immediately on startup before watching for changes.