initial commit

Dockerfile

@@ -0,0 +1,16 @@
+FROM quay.io/letsencrypt/letsencrypt
+MAINTAINER Henri Dwyer <henri@dwyer.io>
+
+RUN mkdir /certs
+ 
+# Add crontab file in the cron directory
+ADD crontab /etc/cron.d/crontab
+ 
+# Give execution rights on the cron job
+RUN chmod 0644 /etc/cron.d/crontab
+
+COPY ./scripts/ /
+
+ENTRYPOINT ["/bin/sh", "-c"]
+
+CMD ["/run_cron.sh"]

crontab

@@ -0,0 +1,2 @@
+0 3 1 */2 * root sh /run_letsencrypt.sh
+

docker-compose.yml

@@ -0,0 +1,12 @@
+letsencrypt:
+  build: .
+  container_name: letsencrypt
+  expose:
+    - 80
+  net: frontend
+  volumes:
+    - /certs:/certs
+  restart: always
+  environment:
+    - DOMAINS=domain1.com domain2.com
+    - EMAIL=webmaster@domain1.com

scripts/run_cron.sh

@@ -0,0 +1 @@
+cron -f

scripts/run_letsencrypt.sh

@@ -0,0 +1,18 @@
+for d in $DOMAINS
+do
+ echo "Running letsencrypt for $d"
+ letsencrypt --standalone --standalone-supported-challenges\
+  http-01 --agree-dev-preview --agree-tos --renew-by-default\
+  --server https://acme-v01.api.letsencrypt.org/directory\
+  --email $EMAIL -d $d certonly
+ ec=$?
+ echo "letsencrypt exit code $ec"
+ if [ $ec -eq 0 ]
+ then
+  # For haproxy, you need to concatenate the full chain with the private key
+  cat /etc/letsencrypt/live/$d/fullchain.pem /etc/letsencrypt/live/$d/privkey.pem > /certs/$d.pem
+  # For nginx or apache, you need both separate files
+  # cp /etc/letsencrypt/live/$d/fullchain.pem /certs/$d.pem
+  # cp /etc/letsencrypt/live/$d/privkey.pem /certs/$d.key
+ fi
+done