nginx docker with certbot docker (Let's Encrypt)
docker-compose.yaml
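# Excerpt of the nginx service definition; the enclosing `services:` and
# service-name keys are not shown on this page.
# `latest` is a moving tag: pin a specific version or digest so a rebuild
# cannot silently change the web server that holds the TLS private key.
image: nginx:latest
container_name: nginx
volumes:
  # ACME HTTP-01 webroot. The certbot container writes the challenge files;
  # nginx only has to read them, so it gets a read-only view.
  - ./tmp-acme_challenge:/tmp/acme_challenge:ro
  # Certificates and private keys issued by certbot, read-only for nginx.
  - ./etc-letsencrypt:/etc/letsencrypt:ro
  # Server configuration; nginx never needs to modify it at runtime.
  - ./default.conf:/etc/nginx/conf.d/default.conf:ro
# NOTE(review): these relative paths must resolve to the same host directories
# that the certbot `docker run` commands mount (/home/user/docker/nginx/...),
# i.e. the compose file is presumably kept in /home/user/docker/nginx - confirm.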
default.conf
# Excerpt of default.conf; these directives belong inside server { } blocks
# that are not shown on this page.
# Serve ACME HTTP-01 challenge files written by certbot's webroot plugin.
# The `^~` modifier makes this prefix match win over any regex location, so a
# catch-all rewrite or HTTPS redirect elsewhere cannot intercept the challenge.
# NOTE(review): this location must be reachable over plain HTTP (port 80),
# because the certbot command requests --preferred-challenges=http.
location ^~ /.well-known/acme-challenge/ {
# Explicitly permit every client; this only matters if an enclosing block
# carries allow/deny rules - presumably a safeguard, confirm against the full file.
allow all;
# Requests resolve to /tmp/acme_challenge/.well-known/acme-challenge/<token>.
# /tmp/acme_challenge is the container-side mount of ./tmp-acme_challenge;
# keep nothing but challenge files in it, everything below is world-readable.
root /tmp/acme_challenge;
}
# Certificate chain created by certbot for domain.tld (placeholder domain).
ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
# Matching private key. /etc/letsencrypt is mounted read-only into this
# container, so nginx can read the key but cannot alter or replace it.
ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
# Issue a Let's Encrypt certificate with certbot's webroot plugin (HTTP-01).
# Both bind mounts must be the same host directories the nginx container
# mounts: certbot writes the challenge file, nginx serves it, and the issued
# certificate lands where nginx reads it.
# etc-letsencrypt holds the ACME account key and the certificate private keys;
# keep that host directory readable only by the user who runs these commands.
# certbot/certbot is used without a tag, so the newest image is pulled each
# time; pin a tag or digest if reproducible runs matter.
docker run -it --rm \
  -v /home/user/docker/nginx/etc-letsencrypt:/etc/letsencrypt \
  -v /home/user/docker/nginx/tmp-acme_challenge:/tmp/acme_challenge \
  certbot/certbot certonly \
  --expand \
  --webroot -w /tmp/acme_challenge \
  --text \
  --agree-tos \
  --no-eff-email \
  --email me@domain.tld \
  --verbose \
  --keep-until-expiring \
  --preferred-challenges=http \
  -d domain.tld -d www.domain.tld
# Renew every certificate that is close to expiry, reusing the settings
# certbot saved under /etc/letsencrypt when the certificate was issued.
# The challenge directory is mounted again because renewal repeats the
# webroot HTTP-01 validation.
# `-it` needs a terminal: for an unattended run (cron, systemd timer) drop it,
# otherwise docker exits with "the input device is not a TTY".
# nginx loads the certificate only at start or reload, so a renewed
# certificate is not served until nginx is reloaded, e.g.
#   docker exec nginx nginx -s reload
docker run -it --rm \
  -v /home/user/docker/nginx/etc-letsencrypt:/etc/letsencrypt \
  -v /home/user/docker/nginx/tmp-acme_challenge:/tmp/acme_challenge \
  certbot/certbot renew
reference
- https://eff-certbot.readthedocs.io/en/stable/install.html#running-with-docker