feat: add CertMate template

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Mauricio Siu
2026-07-14 13:37:16 -06:00
parent 17efd705a4
commit a266e36a4d
5 changed files with 84 additions and 0 deletions

View File

@@ -0,0 +1,33 @@
version: "3.8"
services:
certmate:
image: fabriziosalmi/certmate:2.21.3
environment:
- FLASK_ENV=production
- SECRET_KEY=${SECRET_KEY} # 🔐 Flask session secret
- API_BEARER_TOKEN=${API_BEARER_TOKEN} # 🔐 API / web UI token
- BEHIND_PROXY=${BEHIND_PROXY}
- CLOUDFLARE_TOKEN=${CLOUDFLARE_TOKEN}
- LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL}
- LOG_LEVEL=${LOG_LEVEL}
ports:
- 8000
volumes:
- certmate_certificates:/app/certificates
- certmate_data:/app/data
- certmate_logs:/app/logs
- certmate_backups:/app/backups
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
volumes:
certmate_certificates:
certmate_data:
certmate_logs:
certmate_backups:

View File

@@ -0,0 +1,13 @@
# CertMate
## Getting started
1. Deploy the template and open the app domain.
2. Log in with the **API bearer token**: it is auto-generated by the template and stored in the `API_BEARER_TOKEN` environment variable (Dokploy → your service → Environment). The same token authenticates REST API requests (`Authorization: Bearer <token>`).
3. In **Settings**, set your Let's Encrypt email and add credentials for your DNS provider (Cloudflare, Route53, etc.) to issue certificates through DNS-01 challenges.
## Notes
- `CLOUDFLARE_TOKEN` can optionally be set as an environment variable instead of configuring it in the UI.
- Certificates, application data and backups are persisted in the `certmate_certificates`, `certmate_data` and `certmate_backups` volumes.
- API documentation is available at `/docs/` (Swagger) and `/redoc/` on your domain.

Binary file not shown.

After

Width:  |  Height:  |  Size: 46 KiB

View File

@@ -0,0 +1,18 @@
{
"id": "certmate",
"name": "CertMate",
"version": "2.21.3",
"description": "CertMate is an SSL certificate management system with a web UI and REST API. It automates issuing and renewing Let's Encrypt certificates via DNS-01 challenges across 20+ DNS providers, with unified backups and multi-account support.",
"logo": "logo.png",
"links": {
"github": "https://github.com/fabriziosalmi/certmate",
"website": "https://www.certmate.org/",
"docs": "https://www.certmate.org/docs/"
},
"tags": [
"ssl",
"certificates",
"security",
"self-hosted"
]
}

View File

@@ -0,0 +1,20 @@
[variables]
main_domain = "${domain}"
SECRET_KEY = "${password:32}"
API_BEARER_TOKEN = "${password:32}"
[config]
mounts = []
[[config.domains]]
serviceName = "certmate"
port = 8000
host = "${main_domain}"
[config.env]
SECRET_KEY = "${SECRET_KEY}" # 🔐 Flask session secret
API_BEARER_TOKEN = "${API_BEARER_TOKEN}" # 🔐 API / web UI token
BEHIND_PROXY = "true"
CLOUDFLARE_TOKEN = ""
LETSENCRYPT_EMAIL = ""
LOG_LEVEL = "INFO"