Adding lego to image
This commit is contained in:
parent
364e4d7e02
commit
e51ad7a7da
@ -10,10 +10,12 @@ RUN apt-get update && apt-get install certbot -yy \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/*
|
||||
|
||||
# Add Cloudflare Certbot
|
||||
RUN echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/stretch-backports.list \
|
||||
&& apt-get update && apt-get -t stretch-backports install python3-certbot-dns-cloudflare -yy \
|
||||
RUN apt-get update && apt-get install python3-certbot-dns-cloudflare -yy \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/*
|
||||
|
||||
# Add acme-lego Certbot
|
||||
RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.1.3/lego_v4.1.3_linux_amd64.tar.gz | tar -C /usr/local/sbin -xzf -
|
||||
|
||||
#RUN cd /usr/local/sbin && \
|
||||
# curl -O https://dl.eff.org/certbot-auto && \
|
||||
# chmod +x certbot-auto && ./certbot-auto -n --install-only
|
||||
@ -23,7 +25,7 @@ RUN echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/so
|
||||
EXPOSE 80 443
|
||||
|
||||
COPY renew.sh /usr/local/sbin
|
||||
LABEL cron.container.weekly root#/usr/local/sbin/renew.sh
|
||||
LABEL cron.container.weekly root#/usr/local/sbin/renew.sh certbot
|
||||
|
||||
# Expose our web root and log directories log.
|
||||
#VOLUME [ "/etc/nginx/conf.d", "/etc/nginx/default.d" ]
|
||||
|
20
renew.sh
20
renew.sh
@ -1,3 +1,19 @@
|
||||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
|
||||
certbot renew -q --config-dir /etc/nginx/conf.d/ssl/letsencrypt/ --renew-hook "/usr/sbin/nginx -s reload"
|
||||
if [ "$1" == "certbot" ]; then
|
||||
certbot renew -q --config-dir /etc/nginx/conf.d/ssl/letsencrypt/ --renew-hook "/usr/sbin/nginx -s reload"
|
||||
|
||||
elif [ "$1" == "lego" ]; then
|
||||
LEGO_ACCOUNT_EMAIL=${LEGO_ACCOUNT_EMAIL:? LEGO_ACCOUNT_EMAIL not set}
|
||||
LEGO_CERT_DOMAIN=${LEGO_CERT_DOMAIN:? LEGO_CERT_DOMAIN not set}
|
||||
|
||||
LEGO_CERT_DOMAIN=("${LEGO_CERT_DOMAIN[@]/#/--domains=\"}")
|
||||
if [ -n "${LEGO_CERT_DOMAIN}" ]; then
|
||||
LEGO_CERT_DOMAIN=${LEGO_CERT_DOMAIN:+"${LEGO_CERT_DOMAIN[@]/%/\"}"}
|
||||
fi
|
||||
|
||||
echo lego --email="mail@gmail.com" ${LEGO_CERT_DOMAIN} --tls --tls.port 444 renew --renew-hook="/usr/sbin/nginx -s reload"
|
||||
|
||||
else
|
||||
echo "! ERROR: Unknown certbot method [$1]"
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user