improve documentation - add dialog dep
This commit is contained in:
parent
e78baf4c37
commit
3f7c7f3950
|
@ -4,7 +4,7 @@ MAINTAINER Henri Dwyer <henri@dwyer.io>
|
|||
VOLUME /certs
|
||||
|
||||
RUN apk add --no-cache --virtual .build-deps linux-headers gcc musl-dev\
|
||||
&& apk add --no-cache libffi-dev openssl-dev\
|
||||
&& apk add --no-cache libffi-dev openssl-dev dialog\
|
||||
&& pip install certbot\
|
||||
&& apk del .build-deps\
|
||||
&& mkdir /scripts
|
||||
|
|
40
README.md
40
README.md
|
@ -3,13 +3,37 @@ Create and automatically renew website SSL certificates using the letsencrypt fr
|
|||
|
||||
This image will renew your certificates every 2 months, and place the lastest ones in the /certs folder in the container, and in the ./certs folder on the host.
|
||||
|
||||
# Setup
|
||||
# Usage
|
||||
|
||||
## Setup
|
||||
|
||||
In docker-compose.yml, change the environment variables:
|
||||
- DOMAINS: a space separated list of domains for which you want to generate certificates.
|
||||
- EMAIL: where you will receive updates from letsencrypt.
|
||||
- CONCAT: true or false on whether you want to concatenate the certificate's full chain with the private key (required for e.g. haproxy), or keep the two files separate (required for e.g. nginx or apache).
|
||||
|
||||
## Running
|
||||
|
||||
### Using the automated image
|
||||
|
||||
docker run --name certbot -p 80 -v `pwd`/certs:/certs --restart always -e "DOMAINS=domain1.com domain2.com" -e "EMAIL=webmaster@domain1.com" -e "CONCAT=true" henridwyer/docker-letsencrypt-cron
|
||||
|
||||
### Building the image
|
||||
|
||||
The easiest way to build the image yourself is to use the provided docker-compose file.
|
||||
|
||||
```shell
|
||||
docker-compose up -d
|
||||
```
|
||||
|
||||
The first time you start it up, you may want to run the certificate generation script immediately:
|
||||
|
||||
```shell
|
||||
docker exec certbot ash -c "/scripts/run_certbot.sh"
|
||||
```
|
||||
|
||||
At 3AM, on the 1st of every odd month, a cron job will start the script, renewing your certificates.
|
||||
|
||||
# ACME Validation challenge
|
||||
|
||||
To authenticate the certificates, the you need to pass the ACME validation challenge. This requires requests made on port 80 to your.domain.com/.well-known/ to be forwarded to this container.
|
||||
|
@ -50,20 +74,6 @@ server {
|
|||
|
||||
```
|
||||
|
||||
# Usage
|
||||
|
||||
```shell
|
||||
docker-compose up -d
|
||||
```
|
||||
|
||||
The first time you start it up, you may want to run the certificate generation script immediately:
|
||||
|
||||
```shell
|
||||
docker exec certbot sh -c "/run_certbot.sh"
|
||||
```
|
||||
|
||||
At 3AM, on the 1st of every odd month, a cron job will start the script, renewing your certificates.
|
||||
|
||||
# More information
|
||||
|
||||
Find out more about letsencrypt: https://letsencrypt.org
|
||||
|
|
|
@ -1,4 +1,7 @@
|
|||
certbot:
|
||||
version: '2'
|
||||
|
||||
services:
|
||||
certbot:
|
||||
build: .
|
||||
container_name: certbot
|
||||
expose:
|
||||
|
|
|
@ -2,7 +2,7 @@ for d in $DOMAINS
|
|||
do
|
||||
echo "Running certbot for $d"
|
||||
certbot --standalone --standalone-supported-challenges\
|
||||
http-01 --agree-dev-preview --agree-tos --renew-by-default\
|
||||
http-01 --agree-tos --renew-by-default\
|
||||
--email $EMAIL -d $d certonly
|
||||
ec=$?
|
||||
echo "certbot exit code $ec"
|
||||
|
|
Loading…
Reference in New Issue