Bump v0.5.0
janeczku committed May 14, 2017
1 parent 18a52d3 commit 0913231
Showing 3 changed files with 11 additions and 15 deletions.
22 changes: 9 additions & 13 deletions README.md
Expand Up @@ -14,7 +14,7 @@
A [Rancher](http://rancher.com/rancher/) service that obtains free SSL/TLS certificates from the [Let's Encrypt CA](https://letsencrypt.org/), adds them to Rancher's certificate store and manages renewal and propagation of updated certificates to load balancers.

#### Requirements
* Rancher Server >= v1.2.0
* Rancher Server >= v1.5.0
* If using a DNS-based challenge, existing account with one of the supported DNS providers:
* `Aurora DNS`
* `AWS Route 53`
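Review bot: the minimum Rancher Server version jumps from v1.2.0 to v1.5.0 with no stated reason, and the commit message ("Bump v0.5.0") does not explain it either; add a short note here (or in a changelog entry) saying which v1.5.0 capability the service now depends on, so users still on 1.2 to 1.4 learn why an upgrade is required before deploying rather than at runtime.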
Expand All @@ -28,7 +28,7 @@ A [Rancher](http://rancher.com/rancher/) service that obtains free SSL/TLS certi
* `Ovh`
* `Vultr`

* If using the HTTP challenge, a proxy that routes `example.com/.well-known/acme-challenge` to `rancher-letsencrypt`.
* If using the HTTP challenge, a reverse proxy that routes `example.com/.well-known/acme-challenge` to `rancher-letsencrypt`.

### How to use

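Review bot: the path example in this requirement uses `example.com`, while the HTTP challenge section further down in the same file uses `domain.com`; pick one (preferably `example.com`, the reserved documentation domain) for both places so readers do not wonder whether the two sections describe different things. The change from "proxy" to "reverse proxy" is a good clarification.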
Expand All @@ -39,23 +39,19 @@ Then locate the `Let's Encrypt` template in the Catalog section of the UI and fo

### Storing certificate in shared storage volume

By default the created SSL certificate is stored in Rancher for usage in load balancers.
By default the created SSL certificate is stored in Rancher's certificate store for usage in Rancher load balancers.

If you specify an existing volume storage driver (e.g. rancher-nfs) then the account data, certificate and private key will be stored in a stack scoped volume named `lets-encrypt`, allowing you to access them from other services in the same stack. See the [Storage Service documentation](https://docs.rancher.com/rancher/v1.3/en/rancher-services/storage-service/).
You can specify a volume name to store account data, certificate and private key in a (host scoped) named Docker volume.
To share the certificates with other services you may specify a persistent storage driver (e.g. rancher-nfs).

#### Example

When mounting the `lets-encrypt` storage volume to `/etc/letsencrypt` in another container, then production certificates and keys are located at:

- `/etc/letsencrypt/production/certs/<certificate name>/fullchain.pem`
- `/etc/letsencrypt/production/certs/<certificate name>/privkey.pem`

where `<certificate name>` is the name of the certificate sanitized to consist of only the following characters: `[a-zA-Z0-9-_.]`.
See the README in the Rancher catalog for more information.

### Provider specific usage

#### AWS Route 53

Note: If you have both a private and public zone in Route53 for the domain, you need to run the service configured with public DNS resolvers (this is now the default).

The following IAM policy describes the minimum permissions required when using AWS Route 53 for domain authorization.
Replace `<HOSTED_ZONE_ID>` with the ID of the hosted zone that encloses the domain(s) for which you are going to obtain certificates. You may use a wildcard (*) in place of the ID to make this policy work with all of the hosted zones associated with an AWS account.

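Review bot: the new line "See the README in the Rancher catalog for more information." replaces the concrete file layout (`production/certs/<certificate name>/fullchain.pem` and `privkey.pem`) and the `[a-zA-Z0-9-_.]` name-sanitising rule with a bare pointer and no link; make it a hyperlink to the catalog README so the information that was removed here stays reachable from this file. Since the named volume now holds the account data and the private key, not only the certificate, the sentence about sharing the volume with other services would also benefit from stating that every service mounting that volume can read the private key, so it should only be mounted where it is actually needed.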
Expand Down Expand Up @@ -106,7 +102,7 @@ Then deploy this service using the generated key, application secret and consume

If you prefer not to use a DNS-based challenge or your provider is not supported, you can use the HTTP challenge.
Simply choose `HTTP` from the list of providers.
Then make sure that HTTP requests to `domain.com/.well-known/acme-challenge` are forwarded to the `rancher-letsencrypt` service, e.g. by configuring a Rancher load balancer accordingly.
Then make sure that HTTP requests to `domain.com/.well-known/acme-challenge` are forwarded to port 80 of the `rancher-letsencrypt` service, e.g. by configuring a Rancher load balancer accordingly. If you are using another reverse proxy (e.g. Nginx) you need to make sure it passed the original `host` header through to the backend.

![Rancher Load Balancer Let's Encrypt Targets](https://cloud.githubusercontent.com/assets/198988/22224463/0d1eb4aa-e1bf-11e6-955c-5f0d085ce8cd.png)

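Review bot: "you need to make sure it passed the original `host` header" should read "you need to make sure it passes the original `Host` header through to the backend". It would also help to say why this matters (the challenge handler uses the Host header to identify the domain being validated), otherwise readers are likely to treat the requirement as optional and only discover the problem when validation fails.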
2 changes: 1 addition & 1 deletion VERSION
@@ -1 +1 @@
v0.4.0
v0.5.0
2 changes: 1 addition & 1 deletion package/Dockerfile
Expand Up @@ -2,7 +2,7 @@ FROM alpine:3.5

RUN apk add --no-cache ca-certificates openssl bash

ENV LETSENCRYPT_RELEASE v0.4.0
ENV LETSENCRYPT_RELEASE v0.5.0
ENV SSL_SCRIPT_COMMIT 08278ace626ada71384fc949bd637f4c15b03b53

RUN wget -O /usr/bin/update-rancher-ssl https://raw.githubusercontent.com/rancher/rancher/${SSL_SCRIPT_COMMIT}/server/bin/update-rancher-ssl && \
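Review bot: `LETSENCRYPT_RELEASE` now has to be bumped in lock-step with the `VERSION` file (also changed in this commit); consider feeding one from the other, for example via a build argument, so the two cannot drift apart in a future release. Separately, the `wget` of `update-rancher-ssl` is pinned to a specific commit, which is good, but the build does not verify what it downloaded; a `sha256sum -c` against a known digest after the `wget` would catch a tampered or truncated file before it is installed as `/usr/bin/update-rancher-ssl`.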