Move Let's Encrypt service to overrides entirely.

This allows you to select and configure the service without
touching the main compose file, making updating a lot easier.

Also add overrides for MyDNSHost and HTTP.

README.md

 
 ## Getting started
 
-The out-of-the-box setup uses [Lexicon](https://github.com/AnalogJ/lexicon)
-to perform DNS updates. This will work if you use one DNS provider for all
-the domains you wish to use, and Lexicon supports that provider. If that
-is the case, then getting started is very easy:
-
- 1. Copy docker-compose.override.example.yml to docker-compose.override.yml
- 2. Change the e-mail address, provider, and provider auth details
+This repository contains configuration for four different methods of obtaining
+Let's Encrypt certificates:
+
+ * **`docker-compose.override.generic.yml`** - a generic solution for obtaining
+   certificates using DNS entries. You must supply a
+   [Dehydrated](https://github.com/lukas2511/dehydrated) hook that will add and
+   remove DNS entries as needed.
+ * **`docker-compose.override.lexicon.yml`** - uses the
+   [Lexicon](https://github.com/AnalogJ/lexicon) library to perform DNS updates
+   for major cloud DNS providers.
+ * **`docker-compose.override.mydnshost.yml`** - uses the
+   [MyDNSHost](https://mydnshost.co.uk) API to perform DNS updates for domains
+   hosted there
+ * **`docker-compose.override.http.yml`** - performs a HTTP challenge instead of
+   using DNS, saving the response to disk so it can be served by Nginx.
+
+To get started:
+
+ 1. Copy the relevant docker-compose.override.\*.yml file to
+    docker-compose.override.yml
+ 2. Change any settings (auth token, staging environment, etc)
  3. Run `docker-compose up -d`
 
 If you have existing containers with the appropriate labels, the certificates

docker-compose.override.generic.yml

+---
+version: '2'
+
+services:
+
+  # letsencrypt-generic uses a user-defined hook to update DNS entries.
+  # You need to supply your own hook, available at /dns/hook. See the
+  # letsencrypt.sh repo for details about hook arguments.
+  letsencrypt-generic:
+    image: csmith/letsencrypt-generic:latest
+    container_name: autoproxy_letsencrypt-generic
+    restart: always
+    volumes:
+      - letsencrypt-data:/letsencrypt
+      - /my/hook/script:/dns/hook
+    environment:
+      # For testing purposes, use the Let's Encrypt staging server.
+      # Remove this for production use!
+      - STAGING=yes
+      # To accept Let's Encrypt's temrs of service automatically:
+      #- ACCEPT_CA_TERMS=yes
+      # The e-mail address to provide to Let's Encrypt.
+      - EMAIL=your@email.addr
+      # Any environment variables your hook needs
+      - MY_SECRET=1234567890123456789012345678901234567890

docker-compose.override.http.yml

+---
+version: '2'
+
+services:
+
+  # letsencrypt-http uses the HTTP-01 challenge to verify ownership. The
+  # well-known files must be served by a webserver.
+  letsencrypt-http:
+    image: csmith/letsencrypt-http-01:latest
+    container_name: autoproxy_letsencrypt-http
+    restart: always
+    volumes:
+      - letsencrypt-data:/letsencrypt
+    environment:
+      # For testing purposes, use the Let's Encrypt staging server.
+      # Remove this for production use!
+      - STAGING=yes
+      # To accept Let's Encrypt's temrs of service automatically:
+      #- ACCEPT_CA_TERMS=yes
+      # The e-mail address to provide to Let's Encrypt.
+      - EMAIL=your@email.addr
+      # Any environment variables your hook needs
+      - MY_SECRET=1234567890123456789012345678901234567890

docker-compose.override.example.yml → docker-compose.override.lexicon.yml

 
 services:
 
+  # letsencrypt-lexicon obtains Let's Encrypt certificates by modifying
+  # DNS records. It supports several major cloud DNS providers.
   letsencrypt-lexicon:
+    image: csmith/letsencrypt-lexicon:latest
+    container_name: autoproxy_letsencrypt-lexicon
+    restart: always
+    volumes:
+      - letsencrypt-data:/letsencrypt
     environment:
       # For testing purposes, use the Let's Encrypt staging server.
       # Remove this for production use!
       - STAGING=yes
+      # To accept Let's Encrypt's temrs of service automatically:
+      #- ACCEPT_CA_TERMS=yes
       # The e-mail address to provide to Let's Encrypt.
       - EMAIL=your@email.addr
       # The Lexicon provider to use
       # Provider-specific authentication details
       - LEXICON_CLOUDFLARE_USERNAME=your@email.addr
       - LEXICON_CLOUDFLARE_TOKEN=1234567890123456789012345678901234567890
-

docker-compose.override.mydnshost.yml

+---
+version: '2'
+
+services:
+
+  # letsencrypt-mydnshost obtains Let's Encrypt certificates by modifying
+  # DNS records for domains hosted at mydnshost.co.uk.
+  letsencrypt-mydnshost:
+    image: csmith/letsencrypt-mydnshost:latest
+    container_name: autoproxy_letsencrypt-mydnshost
+    restart: always
+    volumes:
+      - letsencrypt-data:/letsencrypt
+    environment:
+      # For testing purposes, use the Let's Encrypt staging server.
+      # Remove this for production use!
+      - STAGING=yes
+      # To accept Let's Encrypt's temrs of service automatically:
+      #- ACCEPT_CA_TERMS=yes
+      # The e-mail address to provide to Let's Encrypt.
+      - EMAIL=your@email.addr
+      # The account and API key to use for MyDNSHost
+      - MYDNSHOST_AUTH_USER=your@email.addr
+      - MYDNSHOST_AUTH_KEY=1234567890123456789012345678901234567890

docker-compose.yml

     depends_on:
       - etcd
 
-  # letsencrypt-lexicon obtains Let's Encrypt certificates by modifying
-  # DNS records. It supports several major cloud DNS providers.
-  letsencrypt-lexicon:
-    image: csmith/letsencrypt-lexicon:latest
-    container_name: autoproxy_letsencrypt-lexicon
-    restart: always
-    volumes:
-      - letsencrypt-data:/letsencrypt
-
-  # letsencrypt-generic uses a user-defined hook to update DNS entries.
-  # You need to supply your own hook, available at /dns/hook. See the
-  # letsencrypt.sh repo for details about hook arguments.
-  #letsencrypt-generic:
-  #  image: csmith/letsencrypt-generic:latest
-  #  container_name: autoproxy_letsencrypt-generic
-  #  restart: always
-  #  volumes:
-  #    - letsencrypt-data:/letsencrypt
-  #    - /my/hook/script:/dns/hook
-
   # service-nginx reads proxy information and vhosts from etcd and
   # creates an nginx vhost config to enable SSL-terminated reverse
   # proxying to the containers.