docker
/
nginx-certbot
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

webroot support

This commit is contained in:
Henri Dwyer 2016-09-21 19:35:19 -04:00
parent 9a06ba637f
commit d4b3dbabab
3 changed files with 32 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -8,6 +8,7 @@ This image will renew your certificates every 2 months, and place the lastest on
## Setup ## Setup
In docker-compose.yml, change the environment variables: In docker-compose.yml, change the environment variables:
- WEBROOT: set this variable to the webroot path if you want to use the webroot plugin. Leave to use the standalone webserver.
- DOMAINS: a space separated list of domains for which you want to generate certificates. - DOMAINS: a space separated list of domains for which you want to generate certificates.
- EMAIL: where you will receive updates from letsencrypt. - EMAIL: where you will receive updates from letsencrypt.
- CONCAT: true or false on whether you want to concatenate the certificate's full chain with the private key (required for e.g. haproxy), or keep the two files separate (required for e.g. nginx or apache). - CONCAT: true or false on whether you want to concatenate the certificate's full chain with the private key (required for e.g. haproxy), or keep the two files separate (required for e.g. nginx or apache).
@ -82,6 +83,10 @@ Certbot github: https://github.com/certbot/certbot
# Changelog # Changelog
### 0.3
- Add support for webroot mode.
- Run certbot once with all domains.
### 0.2 ### 0.2
- Upgraded to use certbot client - Upgraded to use certbot client
- Changed image to use alpine linux - Changed image to use alpine linux

1
docker-compose.yml
View File

@ -8,6 +8,7 @@ services:
- ./certs:/certs - ./certs:/certs
restart: always restart: always
environment: environment:
- WEBROOT=""
- DOMAINS=domain1.com domain2.com - DOMAINS=domain1.com domain2.com
- EMAIL=webmaster@domain1.com - EMAIL=webmaster@domain1.com
- CONCAT=true - CONCAT=true

25
scripts/run_certbot.sh
View File

@ -1,10 +1,23 @@
echo "Running certbot for domains $DOMAINS"
# build arg string
args=""
if [ $WEBROOT ]
then
args=" --webroot -w $WEBROOT"
else
args=" --standalone --standalone-supported-challenges
http-01"
fi
for d in $DOMAINS for d in $DOMAINS
do do
echo "Running certbot for $d" args=$args" -d $d"
certbot --standalone --standalone-supported-challenges\ done
http-01 --agree-tos --renew-by-default\
certbot --agree-tos --renew-by-default\
--text --server https://acme-v01.api.letsencrypt.org/directory\ --text --server https://acme-v01.api.letsencrypt.org/directory\
--email $EMAIL -d $d certonly --email $EMAIL certonly $args
ec=$? ec=$?
echo "certbot exit code $ec" echo "certbot exit code $ec"
if [ $ec -eq 0 ] if [ $ec -eq 0 ]
@ -18,5 +31,7 @@ do
cp /etc/letsencrypt/live/$d/fullchain.pem /certs/$d.pem cp /etc/letsencrypt/live/$d/fullchain.pem /certs/$d.pem
cp /etc/letsencrypt/live/$d/privkey.pem /certs/$d.key cp /etc/letsencrypt/live/$d/privkey.pem /certs/$d.key
fi fi
echo "Success! Your new certificates are in /certs/"
else
echo "Cerbot failed. Check the logs for details."
fi fi
done