Update README.md

added dns wait option and updated docs

README.md

@@ -1,31 +1,23 @@
 # snorkrat/auto-letsencrypt-dns
 
-A modified version of [gchan/auto-letsencrypt](https://github.com/gchan/auto-letsencrypt)
-
-A Docker image to automatically request and renew SSL/TLS certificates from [Let's Encrypt](https://letsencrypt.org/) using [certbot](https://certbot.eff.org/about/) and the [DNS-Plugins](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins) method for domain validation. This image is also capable of sending a `HUP` signal to a Docker container running a web server in order to use the freshly minted certificates.
+A Docker image to automatically request and renew SSL/TLS certificates from [Let's Encrypt](https://letsencrypt.org/) using [certbot](https://certbot.eff.org/about/) and the [DNS-Plugins](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins) method for domain validation. This image is also capable of sending a restart command to a Docker container running a web server in order to use the freshly minted certificates.
 
 The reason I made (modified) this was because I needed to have a secondary way to validate domain ownership while using [LinuxServer SWAG](https://github.com/linuxserver/docker-swag).  I use Cloudflare for my domain dns management, however I recently acquired some free domains (.tk, .ml, etc) which are blocked from using Cloudflare's API.  DigitalOcean also provide free DNS management, so I wanted to use their API to update my DNS recods for my free domains.  I use this to generate the certs and place them in a directory which is mapped to my SWAG continer.  I then created a secondary ssl.conf (ssl2.conf) file which points to the location of those certs.  Then in my subdomain.conf I can specify my ssl2.conf file so that it uses the correct certs for the alternate domain.
 
 I exclusively use Docker Compose, so all examples will assume that you are using Docker Compose as well.
 
 ## Example Usage
 
-### Specify Certbot DNS-Plugin build
+### Specify Certbot DNS-Plugin
 
-As this image uses the DNS-Plugin method, you need to specify the build of certbot which includes your DNS-Plugin.  See [certbot/certbot](https://hub.docker.com/r/certbot/certbot) for a list of plugins including their tags.  Please set this as a build argument in your docker-compose.yml.
+As this image uses the DNS-Plugin method, you need to specify the which DNS-Plugin to use.  See [Certbot - DNS Plugins](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins) for a list of plugins.  Please set this in the `DNS_PLUGIN` environment variable your docker-compose.yml.
 
 A Docker Compose snippit to show this config:
 ```
-version: "3.9"
-services:
-  auto-letsencrypt-dns:
-    build:
-      context: ./dir
-      dockerfile: Dockerfile
-      args:
-        CERTBOTBUILD: dns-digitalocean:arm64v8-latest
-    image: myimage/auto-letsencrypt-dns
-    container_name: auto-letsencrypt-dns
+    environment:
+      - DOMAINS=example.com *.example.com
+      - SERVER_CONTAINER=swag
+      - DNS_PLUGIN=digitalocean
 ```
 
 ### Create credentials.ini and map the host directory to the container
@@ -50,6 +42,10 @@ ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
 
 The container will attempt to request and renew SSL/TLS certificates for the specified domains and automatically repeat the renew process periodically (default is every 30 days).
 
+### Persistant Storage
+
+Certbot stores the generated certs in the `/etc/letsencrypt` directory.  You should map this (even if you specify `CERTS_PATH`) to a directory on the host so that certbot does not generate new certs on container creation, but rather by how long is left before the certificate expires.
+
 ## Optional features
 
 ### Wildcard Certificates
@@ -61,7 +57,7 @@ A Docker Compose snippit to show this config:
       - DOMAINS=example.com *.example.com
 ```
 ### Reload server configuration
-To automatically reload the server configuration to use the new certificates, provide the container name to the environment variable `SERVER_CONTAINER` and pass through the Docker socket to this container: `-v /var/run/docker.sock:/var/run/docker.sock`. The image will send a `HUP` signal to the specified container.
+To automatically reload the server configuration to use the new certificates, provide the container name to the environment variable `SERVER_CONTAINER` and pass through the Docker socket to this container: `-v /var/run/docker.sock:/var/run/docker.sock`. The image will send a `docker restart` command to the specified container.
 
 ### Copy certificates to another directory
 Provide a directory path to the `CERTS_PATH` environment variable if you wish to copy the certificates to another directory. You may wish to do this in order to avoid exposing the entire `/etc/letsencrypt/` directory to your web server container.
@@ -81,8 +77,6 @@ services:
     build:
       context: ./dir
       dockerfile: Dockerfile
-      args:
-        CERTBOTBUILD: dns-digitalocean:arm64v8-latest
     image: myimage/auto-letsencrypt-dns
     container_name: auto-letsencrypt-dns
     environment:
@@ -94,24 +88,30 @@ services:
       - CERTS_PATH=/etc/certs
       - STAGING=1
       - SERVER_CONTAINER=swag
+      - DNS_WAIT=15
     entrypoint: ./entrypoint.sh
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
-      - /path/to/host/cert/dir:/etc/certs
-      - /path/to/host/dns/credentials:/var/dns
+      - /path/on/host/letsencrypt:/etc/letsencrypt
+      - /path/on/host/cert/dir:/etc/certs
+      - /path/on/host/dns/credentials:/var/dns
     restart: always
 ```
 
 ### Environment variables
 
 * **DOMAINS**: Domains for your certificate. e.g. `example.com www.example.com`.
-* **DNS_PLUGIN**: Specifiy the DNS-Plugin to use. e.g. `digitalocean`. Note: you still need to edit the build args! See above.
+* **DNS_PLUGIN**: Specifiy the DNS-Plugin to use. e.g. `digitalocean`.
 * **EMAIL**: Email for urgent notices and lost key recovery. e.g. `[email protected]`.
 * **DNS_INI_PATH** Optional. Path to the credentials.ini directory in the web server for checks. Defaults to `/var/dns`.
 * **CERTS_PATH**: Optional. Copy the new certificates to the specified path. e.g. `/etc/nginx/certs`.
-* **SERVER_CONTAINER**: Optional. The Docker container name of the server you wish to send a `HUP` signal to in order to reload its configuration and use the new certificates.
-* **SERVER_CONTAINER_LABEL**: Optional. The Docker container label of the server you wish to send a `HUP` signal to in order to reload its configuration and use the new certificates. This environment variable will be helpfull in case of deploying with docker swarm since docker swarm will create container name itself.
+* **SERVER_CONTAINER**: Optional. The Docker container name of the server you wish to send a `docker restart` command to in order to reload its configuration and use the new certificates.
+* **SERVER_CONTAINER_LABEL**: Optional. The Docker container label of the server you wish to send a `docker restart` command to in order to reload its configuration and use the new certificates. This environment variable will be helpfull in case of deploying with docker swarm since docker swarm will create container name itself.
 * **CHECK_FREQ**: Optional.  How often (in days) to perform checks. Defaults to `30`.
+* **DNS_WAIT**: Optional.  How long (in seconds) to wait for DNS propagation.  Defaults to `10`.
+
+
+A modified version of [gchan/auto-letsencrypt](https://github.com/gchan/auto-letsencrypt)
 
 #### License