It probably won't be the most elegant solution to this situation. But I was stuck with Adguard Home in a Docker setup and desperately in need for a SSL certificate.
Fiddled around some, but got stuck even more in my newly found time sink. After finding the thoroughly written blog posts [1] and [2] of Martin Falkus, it put my train of thoughts in motion. Thanks Martin!
- Disclaimer: you need to be on at least DSM7.0
- Set the hostname in Control Panel > External Access > Advanced
- Go to Control Panel > Security > Certificate > Request a Lets Encrypt cert
- Create a new action in Task Scheduler:
cp /usr/syno/etc/certificate/_archive/ppUPmS/ECC-fullchain.pem /volume1/docker/adguardhome/certs
cp /usr/syno/etc/certificate/_archive/ppUPmS/ECC-privkey.pem /volume1/docker/adguardhome/certs- _archive because it needs the actual files, not the symlinks in the live folder
- the ppUPmS directory will differ, it's just a random identifier which luckily remains the same even after renewing the certs
Update your yaml file or container config accordingly so you can link to the certs:
volumes:
- /volume1/docker/adguardhome/certs:/opt/adguardhome/certsAnd now the fun part. You can go update your setting.
The task scheduler script runs every night, and I requested the cert just before midnight. So basically there will be a couple of minutes every 90-ish days Adguard Home won't have valid certs to work with. For me very workable, not the most elegant like I said but hey.. if it works it works.
Let me know in the comments if you perhaps have any suggestions to make it more elegant 🎩😉
