Go to file
Elliot Saba 60310354e8
Update screen to use bash shell and adapt parse_keyfile output to… (#10)
Update screen to use bash shell and adapt parse_keyfile output to rem…
2019-07-18 14:29:05 -07:00
example added baisc usage example 2018-09-20 23:34:20 +02:00
src Update screen to use bash shell and adapt parse_keyfile output to remove starting $ character and trailing carriage return character : fixes certificate not found error 2019-05-11 15:28:26 +02:00
LICENSE Just mess it all up 2017-01-01 21:34:59 -08:00
README.md Add usage example to `README.md` 2018-05-02 14:34:23 -07:00

README.md

docker-nginx-certbot

Create and automatically renew website SSL certificates using the letsencrypt free certificate authority, and its client certbot, built on top of the nginx server.

More information

Find out more about letsencrypt: https://letsencrypt.org

Certbot github: https://github.com/certbot/certbot

This repository was originally forked from @henridwyer, many thanks to him for the good idea. I've rewritten about 90% of this repository, so it bears almost no resemblance to the original. This repository is much more opinionated about the structure of your webservers/containers, however it is easier to use as long as all of your webservers follow that pattern.

Usage

Use this image with a Dockerfile such as:

FROM staticfloat/nginx-certbot
COPY *.conf /etc/nginx/conf.d/

And a .conf file such as:

server {
    listen              443 ssl;
    server_name         server.company.com;
    ssl_certificate     /etc/letsencrypt/live/server.company.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/server.company.com/privkey.pem;

    location / {
        ...
    }
}

Wrap this all up with a docker-compose.yml file:

version: '3'
services:
    frontend:
        restart: unless-stopped
        build: frontend
        ports:
            - 80:80/tcp
            - 443:443/tcp
        environment:
            - CERTBOT_EMAIL=owner@company.com
  ...

Changelog

0.8

  • Ditch cron, it never liked me anway. Just use sleep and a while loop instead.

0.7

  • Complete rewrite, build this image on top of the nginx image, and run cron/certbot alongside nginx so that we can have nginx configs dynamically enabled as we get SSL certificates.

0.6

  • Add nginx_auto_enable.sh script to /etc/letsencrypt/ so that users can bring nginx up before SSL certs are actually available.

0.5

  • Change the name to docker-certbot-cron, update documentation, strip out even more stuff I don't care about.

0.4

  • Rip out a bunch of stuff because @staticfloat is a monster, and likes to do things his way

0.3

  • Add support for webroot mode.
  • Run certbot once with all domains.

0.2

  • Upgraded to use certbot client
  • Changed image to use alpine linux

0.1

  • Initial release