example - fix certbot wildcard
parent
25494acace
commit
a3cfb50b4d
15
examples/certbot-wildcard/certbot-wildcard.sh
Normal file → Executable file
15
examples/certbot-wildcard/certbot-wildcard.sh
Normal file → Executable file
@ -3,17 +3,24 @@
|
|||||||
# you need to run it before starting bunkerized-nginx
|
# you need to run it before starting bunkerized-nginx
|
||||||
# since it's manual there is no auto renew, you need to run it again before it expires
|
# since it's manual there is no auto renew, you need to run it again before it expires
|
||||||
|
|
||||||
|
DOMAIN="*.website.com"
|
||||||
|
SERVICE="mywww"
|
||||||
|
|
||||||
# ask for wildcard certificate
|
# ask for wildcard certificate
|
||||||
# it's interactive and you will need to add a DNS entry
|
# it's interactive and you will need to add a DNS entry
|
||||||
docker run --rm -it -v "${PWD}/letsencrypt:/etc/letsencrypt" certbot/certbot certonly --manual -d *.website.com --agree-tos --no-bootstrap
|
docker run --rm -it -v "${PWD}/letsencrypt:/etc/letsencrypt" certbot/certbot certonly --manual -d $DOMAIN --agree-tos
|
||||||
|
if [ $? -ne 0 ] ; then
|
||||||
|
echo "error while getting certificate for $DOMAIN"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
# fix permissions
|
# fix permissions
|
||||||
chown -R 101:101 "${PWD}/letsencrypt/live"
|
chown -R 101:101 "${PWD}/letsencrypt"
|
||||||
|
|
||||||
# reload nginx if it's already running (in case of a "renew")
|
# reload nginx if it's already running (in case of a "renew")
|
||||||
if [ -z `docker-compose ps -q mywww` ] || [ -z `docker ps -q --no-trunc | grep $(docker-compose ps -q mywww)` ]; then
|
if [ -z `docker-compose ps -q $SERVICE` ] || [ -z `docker ps -q --no-trunc | grep $(docker-compose ps -q $SERVICE)` ]; then
|
||||||
echo "bunkerized-nginx is not running, skipping nginx reload"
|
echo "bunkerized-nginx is not running, skipping nginx reload"
|
||||||
else
|
else
|
||||||
echo "bunkerized-nginx is running, sending reload order"
|
echo "bunkerized-nginx is running, sending reload order"
|
||||||
docker-compose exec mywww nginx -s reload
|
docker-compose exec $SERVICE nginx -s reload
|
||||||
fi
|
fi
|
||||||
|
|||||||
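Review bot: The new `docker run` line passes `-d $DOMAIN` unquoted, so the shell treats `*.website.com` as a glob pattern. If anything in the working directory matches it, certbot receives those file names instead of the wildcard name; write `-d "$DOMAIN"`. The same quoting is needed for `$SERVICE` in the `[ -z ... ]` test and in `docker-compose exec "$SERVICE" nginx -s reload`, since an empty or space-containing value changes how those commands are parsed. The `$?` check works, but `if ! docker run ...; then` keeps the status test attached to the command it belongs to, and the error message would be better sent to stderr with `>&2`.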
@ -10,13 +10,13 @@ services:
|
|||||||
- 443:8443
|
- 443:8443
|
||||||
volumes:
|
volumes:
|
||||||
- ./web-files:/www:ro
|
- ./web-files:/www:ro
|
||||||
- ./letsencrypt/live/website.com:/certs:ro
|
- ./letsencrypt:/letsencrypt:ro
|
||||||
environment:
|
environment:
|
||||||
- SERVER_NAME=app1.website.com app2.website.com # replace with your domains
|
- SERVER_NAME=app1.website.com app2.website.com # replace with your domains
|
||||||
- MULTISITE=yes
|
- MULTISITE=yes
|
||||||
- USE_CUSTOM_HTTPS=yes
|
- USE_CUSTOM_HTTPS=yes
|
||||||
- CUSTOM_HTTPS_CERT=/certs/fullchain.pem
|
- CUSTOM_HTTPS_CERT=/letsencrypt/live/website.com/fullchain.pem
|
||||||
- CUSTOM_HTTPS_KEY=/certs/privkey.pem
|
- CUSTOM_HTTPS_KEY=/letsencrypt/live/website.com/privkey.pem
|
||||||
- REDIRECT_HTTP_TO_HTTPS=yes
|
- REDIRECT_HTTP_TO_HTTPS=yes
|
||||||
- DISABLE_DEFAULT_SERVER=yes
|
- DISABLE_DEFAULT_SERVER=yes
|
||||||
- USE_CLIENT_CACHE=yes
|
- USE_CLIENT_CACHE=yes
|
||||||
|
|||||||
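Review bot: Mounting `./letsencrypt:/letsencrypt:ro` exposes the whole certbot configuration tree to the web container, not just the certificate and key it serves. That tree normally also holds `accounts/` (the ACME account key) and `renewal/`, and the script changed in this commit now runs `chown -R 101:101` over all of it. The files under `live/` are symlinks into `archive/`, which is presumably why the narrower mount did not work, so two mounts are enough: `- ./letsencrypt/live:/letsencrypt/live:ro` and `- ./letsencrypt/archive:/letsencrypt/archive:ro`, with the chown limited to those two directories. The file header for this hunk is not shown on the page.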