Comment on page

Environment variables

Nginx-le uses environment variables to configure your docker container when it is created.
nginx-le config
When using nginx-le config it will automatically create the required environment variables when creating a container for you. As such you don't need to set any of these variables.
docker-compose
When using docker-compose you need to configure each environment variable in your docker-compose file. See the docker-compose section for more details.
docker
If you are manually creating your docker container then you will need to set each environment variable before you create your docker container. 
These environment variables are only needed when your container is being created. You do not need to set them when running an existing container.
Nginx-LE uses the following environment variables to control the operation of the container:
Name
Type
Domain
Description
DEBUG
bool
true|false
Controls the logging level of Nginx-LE.
HOSTNAME
String
A valid host name
The host name of the web server. e.g. www
DOMAIN
String
A valid domain name
The domain name of the web server. e.g. microsoft.com.au
TLD
String
Top level domain name
The top level domain name of the web server. e.g. com.au
EMAIL_ADDRESS
String
valid email address
The email address that errors are sent to and also passed to Certbot which will use the email address to send renewal reminders to.
PRODUCTION
bool
true|false
True to use a 'production' certbot certificate. False will acquire a Staging (test) certificate. We recommend that you set this to false during testing.
DOMAIN_WILDCARD
bool
true |false
Controls whether we acquire a single FQDN certificate or a domain wildcard certificate. Set to true to obtain a wild card domain. If you use this option on a number of servers which use the same domain then you will quickly hit the Certbot rate limits.
AUTO_ACQUIRE
bool
true|false
Defaults to true. If true Nginx-LE will automatically acquire a certificate.
AUTH_PROVIDER
String
HTTP01Auth | cloudflare | namecheap
Select the Certbot Authentication method.
SMTP_SERVER
String
FQDN or IP
The FQDN or IP of the SMTP server Nginx-LE is to use to send error emails via. Currently we only support email servers that don't require authentication.
SMTP_SERVER_PORT
int
Port no.
Defaults to 25, The tcp port no.of the SMTP server Nginx-LE is to use to send error emails via.
START_PAUSED
bool
true |false
If true then the docker container will start but it won't try to start nginx or acquire a certificate. This mode is intended to help diagnose startup problems. Use nginx-le cli to attach to the container.
AUTH_PROVIDER_TOKEN
String
Auth Provider token
If the Auth Provider requires a TOKEN then this will be used to hold it.
AUTH_PROVIDER_USERNAME
String
Auth Provider username
If the Auth Provider requires a username then this will be used to hold it.
AUTH_PROVIDER_PASSWORD
String
Auth Provider password
If the Auth Provider requires a password then this will be used to hold it.
AUTH_PROVIDER_EMAIL_ADDRESS
String
Auth Provider Email Address
If the Auth Provider requires an email address that differs from EMAIL_ADDRESS then this will be used to hold it. If not passed the value contained in EMAIL_ADDRESS will be used.
CERTBOT_IGNORE_BLOCK
bool
true|false
If an error occurs when attempting to acquire a certificate, a flag file (block_acquisitions.flag) is written into /etc/letsencrypt to stop further auto acquisition attempts. This is done to avoid hitting Certbot rate limits which can occur if we keep retrying due to a permanent failure. If you are are sure you deployments never fail and don't want temporary errors to stop auto acquisition then you can pass this environment variable (with a value of true) in which case the normal auto acquisition will occur regardless of the existence of the flag. The block flag file automatically times out after 15 minutes. Running 'nginx-le acquire' also clears the block flag.

Diagnosing problems

Internal Environment Variables

Last modified 1yr ago

Name	Type	Domain	Description
DEBUG	bool	true\|false	Controls the logging level of Nginx-LE.
HOSTNAME	String	A valid host name	The host name of the web server. e.g. www
DOMAIN	String	A valid domain name	The domain name of the web server. e.g. microsoft.com.au
TLD	String	Top level domain name	The top level domain name of the web server. e.g. com.au
EMAIL_ADDRESS	String	valid email address	The email address that errors are sent to and also passed to Certbot which will use the email address to send renewal reminders to.
PRODUCTION	bool	true\|false	True to use a 'production' certbot certificate. False will acquire a Staging (test) certificate. We recommend that you set this to false during testing.
DOMAIN_WILDCARD	bool	true \|false	Controls whether we acquire a single FQDN certificate or a domain wildcard certificate. Set to true to obtain a wild card domain. If you use this option on a number of servers which use the same domain then you will quickly hit the Certbot rate limits.
AUTO_ACQUIRE	bool	true\|false	Defaults to true. If true Nginx-LE will automatically acquire a certificate.
AUTH_PROVIDER	String	HTTP01Auth \| cloudflare \| namecheap	Select the Certbot Authentication method.
SMTP_SERVER	String	FQDN or IP	The FQDN or IP of the SMTP server Nginx-LE is to use to send error emails via. Currently we only support email servers that don't require authentication.
SMTP_SERVER_PORT	int	Port no.	Defaults to 25, The tcp port no.of the SMTP server Nginx-LE is to use to send error emails via.
START_PAUSED	bool	true \|false	If true then the docker container will start but it won't try to start nginx or acquire a certificate. This mode is intended to help diagnose startup problems. Use nginx-le cli to attach to the container.
AUTH_PROVIDER_TOKEN	String	Auth Provider token	If the Auth Provider requires a TOKEN then this will be used to hold it.
AUTH_PROVIDER_USERNAME	String	Auth Provider username	If the Auth Provider requires a username then this will be used to hold it.
AUTH_PROVIDER_PASSWORD	String	Auth Provider password	If the Auth Provider requires a password then this will be used to hold it.
AUTH_PROVIDER_EMAIL_ADDRESS	String	Auth Provider Email Address	If the Auth Provider requires an email address that differs from `EMAIL_ADDRESS` then this will be used to hold it. If not passed the value contained in EMAIL_ADDRESS will be used.
CERTBOT_IGNORE_BLOCK	bool	true\|false	If an error occurs when attempting to acquire a certificate, a flag file (block_acquisitions.flag) is written into /etc/letsencrypt to stop further auto acquisition attempts. This is done to avoid hitting Certbot rate limits which can occur if we keep retrying due to a permanent failure. If you are are sure you deployments never fail and don't want temporary errors to stop auto acquisition then you can pass this environment variable (with a value of true) in which case the normal auto acquisition will occur regardless of the existence of the flag. The block flag file automatically times out after 15 minutes. Running 'nginx-le acquire' also clears the block flag.