Adding lego to image

Deon George 2020-12-07 11:43:03 +11:00
parent 364e4d7e02
commit e51ad7a7da
2 changed files with 23 additions and 5 deletions


@ -10,10 +10,12 @@ RUN apt-get update && apt-get install certbot -yy \
&& rm -rf /var/lib/apt/lists/* /tmp/* && rm -rf /var/lib/apt/lists/* /tmp/*
# Add Cloudflare Certbot # Add Cloudflare Certbot
RUN echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/stretch-backports.list \ RUN apt-get update && apt-get install python3-certbot-dns-cloudflare -yy \
&& apt-get update && apt-get -t stretch-backports install python3-certbot-dns-cloudflare -yy \
&& rm -rf /var/lib/apt/lists/* /tmp/* && rm -rf /var/lib/apt/lists/* /tmp/*
# Add acme-lego Certbot
RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.1.3/lego_v4.1.3_linux_amd64.tar.gz | tar -C /usr/local/sbin -xzf -
#RUN cd /usr/local/sbin && \ #RUN cd /usr/local/sbin && \
# curl -O https://dl.eff.org/certbot-auto && \ # curl -O https://dl.eff.org/certbot-auto && \
# chmod +x certbot-auto && ./certbot-auto -n --install-only # chmod +x certbot-auto && ./certbot-auto -n --install-only
@ -23,7 +25,7 @@ RUN echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/so
EXPOSE 80 443 EXPOSE 80 443
COPY renew.sh /usr/local/sbin COPY renew.sh /usr/local/sbin
LABEL cron.container.weekly root#/usr/local/sbin/renew.sh LABEL cron.container.weekly root#/usr/local/sbin/renew.sh certbot
# Expose our web root and log directories log. # Expose our web root and log directories log.
#VOLUME [ "/etc/nginx/conf.d", "/etc/nginx/default.d" ] #VOLUME [ "/etc/nginx/conf.d", "/etc/nginx/default.d" ]
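Review bot: The added lego install step pipes the GitHub release archive straight from `curl -sL` into `tar` with no integrity check, so whatever the download returns is unpacked into /usr/local/sbin. The weekly cron label in this file runs scripts from that directory as root. Download to a file, verify it against a pinned SHA-256 for the v4.1.3 archive, and extract only the `lego` member so any other archive files stay out of sbin. Adding `-f` makes curl fail on an HTTP error instead of passing an error body to tar. The digest in the sketch below is a placeholder, to be taken from the release's published checksums.

```dockerfile
RUN curl -fsSL -o /tmp/lego.tar.gz https://github.com/go-acme/lego/releases/download/v4.1.3/lego_v4.1.3_linux_amd64.tar.gz \
	&& echo "<PINNED_SHA256_OF_ARCHIVE>  /tmp/lego.tar.gz" | sha256sum -c - \
	&& tar -C /usr/local/sbin -xzf /tmp/lego.tar.gz lego \
	&& rm -f /tmp/lego.tar.gz
```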


@ -1,3 +1,19 @@
#!/bin/sh #!/bin/bash
certbot renew -q --config-dir /etc/nginx/conf.d/ssl/letsencrypt/ --renew-hook "/usr/sbin/nginx -s reload" if [ "$1" == "certbot" ]; then
certbot renew -q --config-dir /etc/nginx/conf.d/ssl/letsencrypt/ --renew-hook "/usr/sbin/nginx -s reload"
elif [ "$1" == "lego" ]; then
LEGO_ACCOUNT_EMAIL=${LEGO_ACCOUNT_EMAIL:? LEGO_ACCOUNT_EMAIL not set}
LEGO_CERT_DOMAIN=${LEGO_CERT_DOMAIN:? LEGO_CERT_DOMAIN not set}
LEGO_CERT_DOMAIN=("${LEGO_CERT_DOMAIN[@]/#/--domains=\"}")
if [ -n "${LEGO_CERT_DOMAIN}" ]; then
LEGO_CERT_DOMAIN=${LEGO_CERT_DOMAIN:+"${LEGO_CERT_DOMAIN[@]/%/\"}"}
fi
echo lego --email="mail@gmail.com" ${LEGO_CERT_DOMAIN} --tls --tls.port 444 renew --renew-hook="/usr/sbin/nginx -s reload"
else
echo "! ERROR: Unknown certbot method [$1]"
fi
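Review bot: The `lego` branch never performs a renewal, because the command is prefixed with `echo` (possibly leftover debugging). It also passes the hard-coded `--email="mail@gmail.com"` although `LEGO_ACCOUNT_EMAIL` was just required to be set, so certificates on that path would lapse without any error. If the call is meant to run, drop the `echo` and use the validated values, e.g. `lego --email="$LEGO_ACCOUNT_EMAIL" --domains="$LEGO_CERT_DOMAIN" --tls --tls.port 444 renew --renew-hook="/usr/sbin/nginx -s reload"`. The array rewrite on the preceding lines embeds literal `"` characters in the argument, so lego would receive a domain wrapped in quotes. The unknown-method branch also ends with exit status 0, so the cron runner cannot tell a mistyped label argument from success; `echo "! ERROR: Unknown certbot method [$1]" >&2; exit 1` would surface it.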