GitHub - philippe-bourdeau/docker-certbot

Pre-requisites:

git -- to upload code to your server (or you could scp code to remote instead)
docker
docker-compose
reference https://www.humankode.com/ssl/how-to-set-up-free-ssl-certificates-from-lets-encrypt-using-docker-and-nginx

Deployment structure :

Certificates and related files will be generated in /docker-volumes/
Place 2 projects side by side in remote server $HOME like the following (scp or git to get the code) /home/pbb /certbot /valuation-table

Generate Test Certificates

Start certbot deployment on the remote server (docker-compose up --build -d)
If you have issues with certbot server, try displaying the public/index.html (http://cloudhelp.ca)

export APPLICATION_PATH=$HOME/valuation-table

sudo docker run -it --rm -v /docker-volumes/certbot/etc/letsencrypt:/etc/letsencrypt \
-v /docker-volumes/certbot/var/lib/letsencrypt:/var/lib/letsencrypt \
-v /docker-volumes/certbot/var/log/letsencrypt:/var/log/letsencrypt \
-v $HOME/certbot/public:/data/letsencrypt \
certbot/certbot certonly --webroot --register-unsafely-without-email --agree-tos --webroot-path=/data/letsencrypt \
--staging -v \
-d cloudhelp.ca -d www.cloudhelp.ca

Generate production certificate

Remove --staging argument from command above; will generate actual certificates (Do it at least once, to override staging certificates)

sudo docker run -it --rm -v /docker-volumes/certbot/etc/letsencrypt:/etc/letsencrypt \
-v /docker-volumes/certbot/var/lib/letsencrypt:/var/lib/letsencrypt \
-v /docker-volumes/certbot/var/log/letsencrypt:/var/log/letsencrypt \
-v $HOME/certbot/public:/data/letsencrypt \
certbot/certbot certonly --webroot --register-unsafely-without-email --agree-tos --webroot-path=/data/letsencrypt \
-d cloudhelp.ca -d www.cloudhelp.ca

Remove certbot deployment

docker-compose down

Generate dh file if needed

sudo openssl dhparam -out $APPLICATION_PATH/docker/dhparam-2048.pem 2048

Move files and change permissions

sudo cp /docker-volumes/certbot/etc/letsencrypt/live/cloudhelp.ca/fullchain.pem $APPLICATION_PATH/docker/fullchain.pem
sudo cp /docker-volumes/certbot/etc/letsencrypt/live/cloudhelp.ca/privkey.pem $APPLICATION_PATH/docker/privkey.pem
sudo chmod 0644 \
$APPLICATION_PATH/docker/fullchain.pem \
$APPLICATION_PATH/docker/privkey.pem \
$APPLICATION_PATH/docker/dhparam-2048.pem
sudo chown pbb: \
$APPLICATION_PATH/docker/fullchain.pem \
$APPLICATION_PATH/docker/privkey.pem \
$APPLICATION_PATH/docker/dhparam-2048.pem

Start deployment

docker-compose up --build -d

TODOs && Ajustments

Find a way to improve deployment (not having to move files manually, change permissions and etc. )
Renew certificate

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
public		public
.gitignore		.gitignore
README.md		README.md
docker-compose.yml		docker-compose.yml
nginx.conf		nginx.conf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Pre-requisites:

Deployment structure :

Generate Test Certificates

Generate production certificate

Generate dh file if needed

Move files and change permissions

TODOs && Ajustments

About

Releases

Packages

Languages

philippe-bourdeau/docker-certbot

Folders and files

Latest commit

History

Repository files navigation

Pre-requisites:

Deployment structure :

Generate Test Certificates

Generate production certificate

Generate dh file if needed

Move files and change permissions

TODOs && Ajustments

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages