Generate SSL Certificates using Certbot and Docker
Based on this post
Preparation
- In pwd, create Site with a dummy index.html
- Create docker-compose.yml with the following content:
    version: '3.1'
    services:
      letsencrypt:
        image: nginx:latest
        container_name: letsencrypt
        ports:
          - 80:80
        volumes:
          - ./nginx.conf:/etc/nginx/conf.d/default.conf
          - ./Site:/usr/share/nginx/html
        networks:
          - docker-network
    networks:
      docker-network:
        driver: bridge
- Create nginx.conf with the following content:
    server {
        listen 80;
        listen [::]:80;
        server_name jeanclaudegraf.ch *.jeanclaudegraf.ch;
        location ~ /.well-known/acme-challenge {
            allow all;
            root /usr/share/nginx/html;
        }
        root /usr/share/nginx/html;
        index index.html;
    }
Sign Certificate for Domain or Subdomain
- Create Subdomain and all necessary records
- Start Nginx docker service
    docker-compose up
- Create Test Certificate
    sudo docker run -it --rm \
        -v /home/jeanclaude/HomeServer/Ssl/etc/letsencrypt:/etc/letsencrypt \
        -v /home/jeanclaude/HomeServer/Ssl/var/lib/letsencrypt:/var/lib/letsencrypt \
        -v ${PWD}/Site:/data/letsencrypt \
        -v /home/jeanclaude/HomeServer/Ssl/var/log/letsencrypt:/var/log/letsencrypt \
        certbot/certbot \
        certonly --webroot \
        --register-unsafely-without-email --agree-tos \
        --webroot-path=/data/letsencrypt \
        --staging \
        -d www.jeanclaudegraf.ch
- Remove temp files
    rm -rf /docker-volume/
- Create Certificate
    sudo docker run -it --rm \
        -v /home/jeanclaude/HomeServer/Ssl/etc/letsencrypt:/etc/letsencrypt \
        -v /home/jeanclaude/HomeServer/Ssl/var/lib/letsencrypt:/var/lib/letsencrypt \
        -v ${PWD}/Site:/data/letsencrypt \
        -v /home/jeanclaude/HomeServer/Ssl/var/log/letsencrypt:/var/log/letsencrypt \
        certbot/certbot \
        certonly --webroot \
        --email mail@jeanclaudegraf.ch --agree-tos --no-eff-email \
        --webroot-path=/data/letsencrypt \
        -d www.jeanclaudegraf.ch -d jeanclaudegraf.ch
- Get Info about certificate
    sudo docker run --rm -it --name certbot \
        -v /home/jeanclaude/HomeServer/Ssl/etc/letsencrypt:/etc/letsencrypt \
        -v /home/jeanclaude/HomeServer/Ssl/var/lib/letsencrypt:/var/lib/letsencrypt \
        -v ${PWD}/Site:/data/letsencrypt \
        certbot/certbot \
        --staging \
        certificates
- Stop Nginx docker container
    docker-compose down
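
Added example (not part of the original README): a pre-flight check to run after `docker-compose up` and before the certbot steps. It writes a probe file into the `Site` webroot and confirms nginx serves it back from `/.well-known/acme-challenge/`, which is the path the `--webroot` validation depends on. The function names `acme_fetch` and `acme_preflight` are assumptions made for this example, and `curl` is assumed to be installed.

```shell
#!/bin/sh
# Added example: pre-flight check for the webroot challenge path.
# Assumptions: SITE_DIR is the ./Site directory mounted into the nginx
# container, BASE_URL is http://<domain>. acme_fetch and acme_preflight
# are hypothetical helper names, not part of certbot or nginx.
#
# Usage: acme_preflight ./Site http://www.jeanclaudegraf.ch && echo "webroot OK"

# Fetch a URL to stdout. Kept separate so it can be replaced in tests.
acme_fetch() {
    curl -fsS --max-time 10 "$1"
}

# acme_preflight SITE_DIR BASE_URL
# Returns 0 if a probe file written to the webroot is served unchanged,
# 1 if the request fails or the body differs, 2 on a usage or local error.
acme_preflight() {
    site_dir=$1
    base_url=$2
    [ -d "$site_dir" ] && [ -n "$base_url" ] || return 2

    challenge_dir="$site_dir/.well-known/acme-challenge"
    mkdir -p "$challenge_dir" || return 2

    # Unique probe name; the same string is used as the file body.
    token="preflight-$$-$(date +%s)"
    probe="$challenge_dir/$token"
    printf '%s' "$token" > "$probe" || return 2

    url="${base_url%/}/.well-known/acme-challenge/$token"
    if body=$(acme_fetch "$url" 2>/dev/null); then
        status=0
    else
        status=1
    fi

    # Always remove the probe so nothing is left in the public webroot.
    rm -f "$probe"

    [ "$status" -eq 0 ] && [ "$body" = "$token" ]
}
```

A return code of 1 usually means the `./Site` volume, the `root` in `nginx.conf`, or the DNS record does not point where certbot's `--webroot-path` expects.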