Create and automatically renew website SSL certificates using the letsencrypt free certificate authority, and its client certbot, built on top of the nginx server.
Forked to build locally and update dependencies
Find out more about letsencrypt: https://letsencrypt.org
Certbot github: https://github.com/certbot/certbot
This repository was originally forked from @henridwyer
, many thanks to him for the good idea. I've rewritten about 90% of this repository, so it bears almost no resemblance to the original. This repository is much more opinionated about the structure of your webservers/containers, however it is easier to use as long as all of your webservers follow that pattern.
Create a config directory for your custom configs:
mkdir conf.d
And a .conf
in that directory:
server {
listen 443 ssl;
server_name server.company.com;
ssl_certificate /etc/letsencrypt/live/server.company.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/server.company.com/privkey.pem;
location / {
...
}
}
Wrap this all up with a docker-compose.yml
file:
version: '3'
services:
frontend:
restart: unless-stopped
build: frontend
ports:
- 80:80/tcp
- 443:443/tcp
environment:
- [email protected]
volumes:
- ./conf.d:/etc/nginx/user.conf.d :ro
...
- Ditch cron, it never liked me anway. Just use
sleep
and awhile
loop instead.
- Complete rewrite, build this image on top of the
nginx
image, and runcron
/certbot
alongsidenginx
so that we can have nginx configs dynamically enabled as we get SSL certificates.
- Add
nginx_auto_enable.sh
script to/etc/letsencrypt/
so that users can bring nginx up before SSL certs are actually available.
- Change the name to
docker-certbot-cron
, update documentation, strip out even more stuff I don't care about.
- Rip out a bunch of stuff because
@staticfloat
is a monster, and likes to do things his way
- Add support for webroot mode.
- Run certbot once with all domains.
- Upgraded to use certbot client
- Changed image to use alpine linux
- Initial release