SSL with Lets Encrypt

Drone supports automated SSL configuration and updates using Let’s Encrypt. You can enable Let’s encrypt with the following flag:

DRONE_TLS_AUTOSCERT=true

Next, ensure the desired hostname is configured:

DRONE_SERVER_HOST=domain.com
DRONE_SERVER_PROTO=https

Finally, expose the standard http and https ports:

docker run \
 -p 80:80 \
 -p 443:443

Certificate Cache

Drone caches generated certificates on disk at /data/golang-autocert. This prevents the system from re-requesting certificates on restart. Please ensure the /data volume is mounted to the host.

Certificate Upgrades

Drone uses the official Go acme library which will handle certificate upgrades. There should be no additional configuration or management required.