Lets encrypt and the new way to obtain certificate

stephdl · October 30, 2025, 4:48pm

We have changed something with certificates and how we can retrieve it. Previously we faced an issue that was we could request a certificate but we were not aware about if the certificate was accepted by the acme challenge or not, now it is

When you issue to request a certificate you can be aware about it, I tried to resume my mind with a pull request

and something if you want to test the new behavior

add-module ghcr.io/stephdl/kickstart:latest

stephdl · October 30, 2025, 5:00pm

The idea is that you can continue with your previous code but you will face some issues

firstable you are not aware about certification obtention, it might work or not, a bad A field at your registar and it fails for instance

When you ask to traefik to set a route with let’s encrypt you have three behaviors

lets_encrypt True → you ask a certificate, we wait until it is accepted, we fail if not and we display a failure state, now in a banner with my new code
lets_encrypt False → you set the relevant certificate obsolete and you restart traefik, http web access through traefik could be interrupted
lets_encrypt not sent , this is what the code does, do nothing

Since we stop to configure now when the certificat is not good, we should do not configure lets_encrypt on clone and restore action, hence we have removed it

Now you have a button in the tooltip to reach the certificate page
When Lets_encrypt is set, requested, issued with a valid certificate, you have a banner when you try to set the toggle False, explaining the certificate will be obsoleted and traefik will be restarted.

LayLow · October 30, 2025, 6:20pm

Just making sure, is this command correct pls?

add-module docker pull ghcr.io/stephdl/kickstart:latest

for it seems to lead to mariadb??

https://github.com/stephdl/ns8-kickstart-mariadb/pkgs/container/kickstart

stephdl · October 30, 2025, 6:50pm

corrected