easy to use NGINX + certbot docker compose application

this is a simple example integration of these docker images:

• coreycothrum/certbot (on docker hub here)
• coreycothrum/nginx (on docker hub here)

see coreycothrum/fastapi_template for an additional, more advanced, integration example.

initial setup

1. Update environment variables. Defaults are in .env, but should be unique to your deployment.

   This should be a permanent change, so modify/commit your local .env, or otherwise set to ensure consistency from here on out.

2. generate self-signed seed certificate(s):

    docker compose down -v
    docker compose run  --rm --entrypoint generate_self_signed_certs.sh certbot
   

3. start docker compose:

    docker compose up    \
        --build          \
        --detach         \
        --force-recreate \
        --remove-orphans \
        --wait
   

4. use certbot to obtain legit certificates from letsencrypt.com:

    docker compose exec certbot request_certs.sh
   

   monitor to see if certbot succeeded:

    docker compose logs -f
   

5. reload NGINX to use the new cert(s):

    docker compose exec nginx nginx -s reload
   

6. Test in browser (i.e. navigate to https://$DOMAIN_NAME). If not using localhost, you should not see ERR_CERT_AUTHORITY_INVALID type warning(s).

environment variables

variable name	default value	description
DOMAIN_NAME	localhost.localhost	domain name of server. default is OK for development
DOMAIN_EMAIL		email for cerbot security notifications

custom configuration options

after initial setup, you may want to further customize the NGINX configuration. See coreycothrum/nginx_docker for available options.