
wil92/nginx-certbot-setup


Certbot setup with docker

All the configuration needed to deploy certbot in docker and integrate it with your hosting reverse proxy.

1. Setting up

Download the project

You can clone or download the project from the current repository.

Create environment file

Create a file named .env in the project directory and set the following values:

DOMAINS="guilledev.com www.guilledev.com"
DOMAIN=guilledev.com
EMAIL=my@guilledev.com
CERTBOT_CERT_PATH=/home/app/angemy/certbot

  • DOMAINS: The list of domains that you want to cover with the same SSL certificate.
  • DOMAIN: The main domain of the SSL certificate.
  • EMAIL: The email address Let's Encrypt will use to communicate with you.
  • CERTBOT_CERT_PATH: The folder where the docker container stores all certbot data.

Create the CERTBOT_CERT_PATH directory

Create a folder anywhere on your host; the certbot docker container will use it to store its data. The certificate private key (privkey.pem) ends up under this folder, so keep it readable only by the accounts that need it.

2. Update nginx configuration

Add the following configuration to the nginx running on your host. It lets certbot validate the domain and, at the same time, points nginx at the certificates generated by Let's Encrypt.

server {
  listen 80;
  server_name guilledev.com www.guilledev.com;

  location /.well-known/acme-challenge/ {
    # CERTBOT_CERT_PATH
    root /home/app/nginx/certbot_config;
  }

  # Force any insecure navigation to use SSL
  location / {
    return 301 https://$host$request_uri;
  }  
}

server {
  # "ssl" is required here; without it nginx serves plain HTTP on port 443
  listen 443 ssl;
  server_name guilledev.com www.guilledev.com;

  # CERTBOT_CERT_PATH with the internal path to the certificates, #
  # replace guilledev.com with your main domain                   #
  ssl_certificate /home/app/nginx/certbot/live/guilledev.com/fullchain.pem;
  ssl_certificate_key /home/app/nginx/certbot/live/guilledev.com/privkey.pem;

  # The internal redirection to your services
  location / {
    default_type text/html;
    return 200 "<!DOCTYPE html><h2>in progress!!!</h2>\n";
  }
}
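
The .env values and the two server blocks have to agree with each other before certbot is started. The following preflight script is an added example, not part of the repository; it assumes nginx reads the certificate from CERTBOT_CERT_PATH/live/DOMAIN/, and the names `env_get` and `preflight` are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not part of the repository: preflight for .env + nginx config.
# Assumption: nginx reads the certificate from $CERTBOT_CERT_PATH/live/$DOMAIN/.

# Read KEY from FILE without sourcing it (sourcing would execute any shell code
# that ended up in the file); strips one pair of surrounding double quotes.
env_get() {
  sed -n "s/^$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# preflight ENV_FILE NGINX_CONF: prints one line per finding, returns 1 if any.
preflight() {
  local rc=0 domains domain cert_dir conf names d
  domains=$(env_get "$1" DOMAINS)
  domain=$(env_get "$1" DOMAIN)
  cert_dir="$(env_get "$1" CERTBOT_CERT_PATH)/live/$domain"
  # Normalise whitespace so directives can be matched as plain strings.
  conf=$(sed -e 's/[[:space:]]\{1,\}/ /g' -e 's/^ //' -e 's/ $//' "$2")
  names=$(printf '%s\n' "$conf" | sed -n 's/^server_name \(.*\);.*/\1/p' | tr '\n' ' ')

  # The certificate lives under live/<DOMAIN>/, so DOMAIN must be one of DOMAINS.
  case " $domains " in
    *" $domain "*) ;;
    *) echo "DOMAIN '$domain' is not listed in DOMAINS"; rc=1 ;;
  esac
  # Every name on the certificate should be routed by a server_name directive.
  for d in $domains; do
    case " $names " in
      *" $d "*) ;;
      *) echo "no server_name for $d"; rc=1 ;;
    esac
  done
  # Without this location nginx does not serve the challenge files to the validator.
  printf '%s\n' "$conf" | grep -Fq 'location /.well-known/acme-challenge/' ||
    { echo "missing ACME challenge location"; rc=1; }
  # "listen 443;" without "ssl" makes nginx speak plain HTTP on the HTTPS port.
  if printf '%s\n' "$conf" | grep -Eq '^listen ([^; ]*:)?443 ?;'; then
    echo "listen 443 lacks the ssl parameter"; rc=1
  fi
  # Certificate and key must both come from the directory certbot writes to.
  for d in "ssl_certificate $cert_dir/fullchain.pem" \
           "ssl_certificate_key $cert_dir/privkey.pem"; do
    printf '%s\n' "$conf" | grep -Fxq "$d;" || { echo "expected: $d;"; rc=1; }
  done
  return "$rc"
}

# Usage: ./preflight.sh .env /path/to/site.conf
if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```

Run it with the .env file and the nginx site file as arguments; an empty output and exit status 0 mean the two files agree.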

3. Steps to start certbot

After steps 1 and 2 are finished, follow the steps below to start your docker container.

Run the deploy.sh script

# ./deploy.sh <name of the docker container>
./deploy.sh guilledev_certbot

Note: this starts the docker container with some dummy certificates so that nginx can restart with the new configuration.

Restart nginx

Once the docker container is running, it creates a dummy certificate so that the nginx configuration does not fail because the certificates are not available yet. Before restarting nginx, run the following command to check the integrity of the nginx configuration:

sudo nginx -t

If the output is OK, you can restart nginx:

sudo service nginx restart

Allow certbot to get the new certificates

After nginx has been restarted, run the next command, which allows the certbot docker container to validate the domain and get the new certificates from Let's Encrypt.

./continue.sh

Check docker log

To be sure that everything went right, you can check the docker container logs:

docker logs <container name>

License

The license of this application can be found in LICENSE.md.
