commit cffd93a5196b72cd3c7e0b16d371c258008f8d2f Author: henridwyer Date: Sun Nov 22 14:17:01 2015 -0500 initial commit
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..59e5743
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,16 @@
+FROM quay.io/letsencrypt/letsencrypt
+MAINTAINER Henri Dwyer
+
+RUN mkdir /certs
+
+# Add crontab file in the cron directory
+ADD crontab /etc/cron.d/crontab
+
+# Give execution rights on the cron job
+RUN chmod 0644 /etc/cron.d/crontab
+
+COPY ./scripts/ /
+
+ENTRYPOINT ["/bin/sh", "-c"]
+
+CMD ["/run_cron.sh"]
diff --git a/crontab b/crontab
new file mode 100644
index 0000000..ee03834
--- /dev/null
+++ b/crontab
@@ -0,0 +1,2 @@
+0 3 1 */2 * root sh /run_letsencrypt.sh
+
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..1b61a55
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,12 @@
+letsencrypt:
+ build: .
+ container_name: letsencrypt
+ expose:
+ - 80
+ net: frontend
+ volumes:
+ - /certs:/certs
+ restart: always
+ environment:
+ - DOMAINS=domain1.com domain2.com
+ - EMAIL=webmaster@domain1.com
diff --git a/scripts/run_cron.sh b/scripts/run_cron.sh
new file mode 100755
index 0000000..81853ed
--- /dev/null
+++ b/scripts/run_cron.sh
@@ -0,0 +1 @@
+cron -f
diff --git a/scripts/run_letsencrypt.sh b/scripts/run_letsencrypt.sh
new file mode 100755
index 0000000..9b50775
--- /dev/null
+++ b/scripts/run_letsencrypt.sh
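Review bot: The base image in `FROM quay.io/letsencrypt/letsencrypt` carries no tag or digest, so every rebuild pulls whatever is currently published there into a container whose cron job runs as root and handles certificate private keys; pin it, e.g. `FROM quay.io/letsencrypt/letsencrypt:<TAG>@sha256:<DIGEST>` (placeholders, the commit names no version). The comment `# Give execution rights on the cron job` does not match `chmod 0644`, which grants no execute bit; the mode itself is right for a cron.d file, so the comment would better read `# cron.d entries must not be group- or world-writable`. `ADD crontab /etc/cron.d/crontab` copies a plain local file and can be `COPY crontab /etc/cron.d/crontab`, and `MAINTAINER` is deprecated in favour of a `LABEL`.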
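Review bot: The job `0 3 1 */2 * root sh /run_letsencrypt.sh` is started by cron, which normally gives jobs a minimal environment rather than the container's, so the `DOMAINS` and `EMAIL` values set in docker-compose.yml are likely unset when the script runs and its `for d in $DOMAINS` loop would do nothing without reporting an error. One way to handle this is to have the start-up script write the needed variables to a root-only file that the job sources, and to have the renewal script exit non-zero when `DOMAINS` is empty. The schedule also fires only once every two months, so a single failed run leaves about four months between successful renewals, longer than the 90-day lifetime of a Let's Encrypt certificate; a monthly entry such as `0 3 1 * * root sh /run_letsencrypt.sh` leaves room for a retry. Nothing in the entry redirects the job's output, so it is worth sending it to the container log to make a failed renewal visible.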
@@ -0,0 +1,18 @@
+for d in $DOMAINS
+do
+ echo "Running letsencrypt for $d"
+ letsencrypt --standalone --standalone-supported-challenges\
+ http-01 --agree-dev-preview --agree-tos --renew-by-default\
+ --server https://acme-v01.api.letsencrypt.org/directory\
+ --email $EMAIL -d $d certonly
+ ec=$?
+ echo "letsencrypt exit code $ec"
+ if [ $ec -eq 0 ]
+ then
+ # For haproxy, you need to concatenate the full chain with the private key
+ cat /etc/letsencrypt/live/$d/fullchain.pem /etc/letsencrypt/live/$d/privkey.pem > /certs/$d.pem
+ # For nginx or apache, you need both separate files
+ # cp /etc/letsencrypt/live/$d/fullchain.pem /certs/$d.pem
+ # cp /etc/letsencrypt/live/$d/privkey.pem /certs/$d.key
+ fi
+done
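Review bot: The haproxy bundle written by the `cat` line to `/certs/$d.pem` contains the private key but is created under the shell's default umask, which on most images leaves it world-readable, and `/certs` is bind-mounted from the host in docker-compose.yml. Setting `umask 077` at the top of the script, or running `chmod 600 "/certs/$d.pem"` right after the write, keeps the key readable by its owner only. `$EMAIL` and `$d` are also expanded unquoted in the `letsencrypt` command and in the file paths; `"$EMAIL"`, `"$d"` and `[ "$ec" -eq 0 ]` keep a space or glob character in the environment values from changing the command. The script has no shebang line and so depends on being invoked as `sh /run_letsencrypt.sh`.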