v1.8
Pre-release
Changes since v1.7:
- Add the ability to use a custom DH parameters size ( #251 )
- Add Amazon ECS Support ( #300 )
- Add the
/app/_cert_statusscript to get informations about existing certificates ( fa837ba ) - Check
nginx-proxycontainer state before attempting to request certificates ( #321 ) - Update
simp_leto 0.7.0 ( 400a7da ) - Update
docker-gento 0.7.4 ( 9570237 ) - Disable SSL for domains that are no longer used in a
LETSENCRYPT_HOSTenv var ( 4b2b442 ) - Rework of the the
nginx-proxyanddocker-gencid acquisition logic ( 866dda1 16f0222 ) - Do not overwrite production certs with test certs and vice versa (0312525 )
- Do not remove single domain certs whose domain is now part of a SAN cert ( 40a4d9c )
- Fixes to the symlinking logic ( 810a6cd d606704 )
- Minor code / typo cleanups ( #328 3af5ae8 3b212f2 )
Notes:
a5cf93e disable SSL for domains that are no longer configured as LETSENCRYPT_HOST on a container.
However, HSTS being enabled by default by the upstream nginx.tmpl, disabling SSL for a domain won't enable back http for your returning site users and your site will be unreachable for them.
The only way to get to an http site after receiving an HSTS response is to clear your browser's HSTS cache.
If you want to have the ability to fully switch between having https enabled or disabled, read carefully about HSTS and disable it by setting the HSTS=off environment variable on proxyed containers.
The previous behaviour was that symlinks were never removed, wether you stopped or removed the proxyed container or re-created it without LETSENCRYPT_HOST environment variable.
Also, due to the update to simp_le 0.7.0, the ACME_TOS_HASH environment variable has been deprecated. This version of simp_le does not compare Terms of Service hashes anymore and implicitly agree to the ACME CA ToS automatically.