fix busy resource, switch to certbot

nginx-le · Oct 19, 2016 · 36029c7 · 36029c7
1 parent 390e1e4
commit 36029c7
Show file tree

Hide file tree

Showing 5 changed files with 6 additions and 4 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+etc/ssl/
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM nginx:stable-alpine
+FROM nginx:1.10-alpine
 
 ADD conf/nginx.conf /etc/nginx/nginx.conf
 #ADD conf/service.conf /etc/nginx/conf.d/service.conf
@@ -9,7 +9,7 @@ ADD script/le.sh /le.sh
 RUN \
  chmod +x /entrypoint.sh && \
  chmod +x /le.sh && \
- apk add  --update letsencrypt tzdata openssl && \
+ apk add  --update certbot tzdata openssl && \
  rm -rf /var/cache/apk/*
 
 CMD ["/entrypoint.sh"]
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -16,7 +16,7 @@ services:
 
         volumes:
             - ./etc/ssl:/etc/nginx/ssl
-            - ./etc/service-example.conf:/etc/nginx/conf.d/service.conf
+            - ./etc/service-example.conf:/etc/nginx/service.conf
 
         ports:
             - "80:80"

diff --git a/script/entrypoint.sh b/script/entrypoint.sh
@@ -10,6 +10,7 @@ echo $TZ > /etc/timezone && \
 echo "ssl_key=${SSL_KEY:=le-key.pem}, ssl_cert=${SSL_CERT:=le-crt.pem}"
 SSL_KEY=/etc/nginx/ssl/${SSL_KEY}
 SSL_CERT=/etc/nginx/ssl/${SSL_CERT}
+cp -f /etc/nginx/service.conf /etc/nginx/conf.d/service.conf
 sed -i "s|SSL_KEY|${SSL_KEY}|g" /etc/nginx/conf.d/service.conf
 sed -i "s|SSL_CERT|${SSL_CERT}|g" /etc/nginx/conf.d/service.conf
 

diff --git a/script/le.sh b/script/le.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 
 if [ "$LETSENCRYPT" = "true" ]; then
-    letsencrypt certonly -t -n --agree-tos --renew-by-default --email "${LE_EMAIL}" --webroot -w /usr/share/nginx/html -d $LE_FQDN
+    certbot certonly -t -n --agree-tos --renew-by-default --email "${LE_EMAIL}" --webroot -w /usr/share/nginx/html -d $LE_FQDN
     cp -fv /etc/letsencrypt/live/$LE_FQDN/privkey.pem /etc/nginx/ssl/le-key.pem
     cp -fv /etc/letsencrypt/live/$LE_FQDN/fullchain.pem /etc/nginx/ssl/le-crt.pem
 else