
williehao/nginx-certbot


Nginx-Certbot-Docker (Automation Multiple Create or Renew SSL)

Automatically create and renew SSL certificates with Certbot and Nginx in a Docker environment, using the free Let's Encrypt certificate authority.


Example for combining CA key with Nginx-SSL key

How to use CA key with NGINX for SSL(HTTPS)

Quick Start

## Step 0: Change the nginx.conf content to your domain name

## Step 1: Configure nginx.conf with your email and domain name, then run "docker run"
docker run -itd --name test  --network=host  \
-v "${PWD}"/nginx.conf:/etc/nginx/conf.d/nginx.conf \
-v "${PWD}"/nginx.sh:/etc/nginx/nginx.sh -v "${PWD}"/cronjob:/etc/cron.d/cronjob \
-v "${PWD}"/:/etc/letsencrypt/ \
williehao/nginx-cert:v20.04

## Step 2: Get the CA key from your host's directory
ls *** (your domain name)

## If you don't see the CA key, use the "find" command to locate it
sudo find / -name fullchain.pem

## Step 3: Share the CA key with another container (app) that needs it (for example: Ant-Media-Server)
docker run  -v "${PWD}"/:/etc/letsencrypt/  ***

Usage

Before you start with IPv6 (or IPv4)

Make sure your environment already has:

  1. A domain name, e.g. www.google.com
  2. An IPv6 address
  3. Port 80 (used by Let's Encrypt to check your domain name)
  4. Docker

How to check the local environment

  1. The domain name is working (e.g. ping6 www.google.com)
  2. An IPv6 address is assigned (e.g. ifconfig)
  3. Port 80 is reachable (e.g. telnet www.google.com 80)

Running Nginx-Certbot-Docker

docker run -itd --name test  --network=host  \
-v "${PWD}"/nginx.conf:/etc/nginx/conf.d/nginx.conf \
-v "${PWD}"/nginx.sh:/etc/nginx/nginx.sh -v "${PWD}"/cronjob:/etc/cron.d/cronjob \
-v "${PWD}"/:/etc/letsencrypt/ \
williehao/nginx-cert:v20.04

PS: Don't use "--rm" if you want the CA key to be updated automatically.

How to check more messages

You can check the log files crontab.log or /var/log/letsencrypt/letsencrypt.log, which give much more detailed messages.

You will get the CA key

### in the container
ls /etc/letsencrypt/live/***.***.com/

### in the Docker environment
ls live
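
Before mounting this directory into another container as in Step 3 of the Quick Start, it helps to confirm that the certificate files resolve and that the private key is not readable by other users. The shell check below is an added example, not part of this repository; the function names are hypothetical, and it assumes Certbot's layout in which live/<domain>/*.pem are symlinks into archive/<domain>/.

```shell
#!/bin/sh
# Added example: audit the bind-mounted Let's Encrypt directory on the host
# before sharing it with another container. Function names are hypothetical.

# Print the group/other permission characters (e.g. "r--r--") of a path.
# -L follows symlinks, because live/<domain>/*.pem point into archive/.
group_other_bits() {
    ls -ldL "$1" | cut -c5-10
}

# check_le_dir <host directory mounted as /etc/letsencrypt> <domain>
# Returns 0 when the tree is fit to share, 1 otherwise.
check_le_dir() {
    le_dir=$1
    domain=$2
    rc=0
    live="$le_dir/live/$domain"

    for f in fullchain.pem privkey.pem; do
        # [ -e ] follows symlinks, so a dangling link (archive/ missing
        # from the mounted tree) is reported here as well.
        if [ ! -e "$live/$f" ]; then
            echo "MISSING: $live/$f (absent, or symlink target not in the tree)"
            rc=1
        fi
    done

    if [ -e "$live/privkey.pem" ]; then
        bits=$(group_other_bits "$live/privkey.pem")
        if [ "$bits" != "------" ]; then
            echo "WEAK PERMS: privkey.pem is accessible to group/other ($bits)"
            rc=1
        fi
    fi
    return $rc
}

# Stand-alone use: sh check.sh "$PWD" <your domain name>
if [ "$#" -eq 2 ]; then
    check_le_dir "$1" "$2"
fi
```

If the consuming application only reads the files, the bind mount in Step 3 can also carry Docker's `:ro` suffix so that container cannot modify the keys.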

Troubleshooting

1. Q: too many certificates (5) already issued for this exact set of domains in the last 168 hours
A: Wait for the limit to reset. This rate limit is exceeded when a subscriber requests a certificate for the same “exact set” of hostnames more than 5 times in a single week.
Reference

2. Q: too many failed authorizations recently
A: Change the email address.

PS: Let’s Encrypt provides rate limits

About

Nginx and Certbot with Docker for automated renewal of CA/SSL keys (including multiple keys)
