nginx+certbot in a container
- create the directory structure:
    mkdir -p data/nginx/conf.d
    mkdir -p data/nginx/www
    mkdir -p data/certbot/www
    mkdir -p data/certbot/conf
- create the nginx configuration file:
    server {
        listen 80;
        server_name <SERVER_NAME>;

    #    location / {
    #        return 301 https://$host$request_uri;
    #    }

        root /var/www/html;
        index index.html;

        # ACME HTTP-01 challenge files written by certbot (webroot mode)
        location /.well-known/acme-challenge/ {
            root /var/www/certbot;
        }
    }

    #server {
    #    listen 443 ssl;
    #    server_name <SERVER_NAME>;
    #    ssl_certificate /etc/letsencrypt/live/k0.vividumcodex.com/fullchain.pem;
    #    ssl_certificate_key /etc/letsencrypt/live/k0.vividumcodex.com/privkey.pem;
    ##    include /etc/letsencrypt/options-ssl-nginx.conf;
    ##    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
    #
    #    location / {
    #        root /var/www/html;
    #    }
    #}
- run:
- run-nginx.sh
    docker run \
      -it \
      --name nginx \
      --rm \
      -p 80:80 \
      -v ${PWD}/data/nginx/conf.d:/etc/nginx/conf.d \
      -v ${PWD}/data/nginx/www:/var/www/html \
      -v ${PWD}/data/certbot/conf:/etc/letsencrypt \
      -v ${PWD}/data/certbot/www:/var/www/certbot \
      nginx:1.15-alpine
- run:
- run-certbot.sh
    docker run \
      -it \
      --name certbot \
      --rm \
      -v ${PWD}/data/certbot/conf:/etc/letsencrypt \
      -v ${PWD}/data/certbot/www:/var/www/certbot \
      certbot/certbot:latest certonly
- option 2 (place files in webroot directory)
- webroot: /var/www/certbot
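
Before uncommenting the 443 server block, a pre-flight check can confirm that every certificate file the configuration references exists in the certbot volume and that the private key is not readable by group or others. This is an added example, not part of the original notes; the function names and the script name `preflight.sh` are hypothetical, and it assumes `/etc/letsencrypt` in the container maps to `data/certbot/conf` on the host.

```shell
#!/bin/sh
# Added example (not from the original page): pre-flight check to run before
# uncommenting the 443 server block.
# Assumption: /etc/letsencrypt inside the container is the host directory
# given as $2 (data/certbot/conf in the layout above). Run it as a user that
# can read that directory.

# Print "directive path" for every active (uncommented) certificate directive.
active_cert_paths() {
    sed -e 's/#.*//' "$1" |
        awk '$1 == "ssl_certificate" || $1 == "ssl_certificate_key" {
                 sub(/;$/, "", $2); print $1, $2 }'
}

# Return 0 only if every referenced file exists on the host side of the mount
# and no private key is readable by group or others.
preflight_tls() {
    conf=$1; le_dir=$2; rc=0
    while read -r kind cpath; do
        [ -n "$cpath" ] || continue
        case $cpath in
            /etc/letsencrypt/*) host="$le_dir/${cpath#/etc/letsencrypt/}" ;;
            *) echo "OUTSIDE VOLUME: $cpath" >&2; rc=1; continue ;;
        esac
        if [ ! -f "$host" ]; then
            echo "MISSING: $cpath (expected at $host)" >&2; rc=1; continue
        fi
        if [ "$kind" = ssl_certificate_key ] &&
           [ -n "$(find -L "$host" \( -perm -040 -o -perm -004 \))" ]; then
            echo "TOO OPEN: $host is readable by group/others" >&2; rc=1
        fi
    done <<EOF
$(active_cert_paths "$conf")
EOF
    return "$rc"
}

# Usage: sh preflight.sh data/nginx/conf.d/<file>.conf data/certbot/conf
if [ "$#" -eq 2 ]; then
    preflight_tls "$1" "$2"
fi
```

A non-zero exit status means nginx would fail to start, or would serve with an over-exposed key, if the HTTPS block were enabled as written.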
source
https://medium.com/@pentacent/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71
- docker-compose.yml
    version: '3'
    services:
      nginx:
        image: nginx:1.15-alpine
        ports:
          - "80:80"
          - "443:443"
        volumes:
          - ./data/nginx/conf.d:/etc/nginx/conf.d
          - ./data/nginx/www:/var/www/html
          - ./data/certbot/conf:/etc/letsencrypt
          - ./data/certbot/www:/var/www/certbot
    #    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
      certbot:
        image: certbot/certbot
        volumes:
          - ./data/certbot/conf:/etc/letsencrypt
          - ./data/certbot/www:/var/www/certbot
        command: "certonly"
    #
    #    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"