Added configuration which adds Nginx with Letsencrypt certificate

2025-12-07 17:08:53 +01:00 · 2020-04-28 18:45:15 +10:00
parent 4a44c06b6e
commit 51f229262d
4 changed files with 141 additions and 0 deletions
--- a/nginx-certbot/Dockerfile
+++ b/nginx-certbot/Dockerfile
@@ -0,0 +1,10 @@
+FROM nginx
+RUN apt-get update && \
+    apt-get install -y certbot curl python-certbot-nginx && \
+    apt-get -y autoclean; apt-get -y autoremove; \
+    rm -rf /var/lib/apt/lists/*
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod 700 /entrypoint.sh
+
+CMD ["/entrypoint.sh"]
--- a/nginx-certbot/entrypoint.sh
+++ b/nginx-certbot/entrypoint.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+cert_path=/etc/letsencrypt/live/$(echo $HOSTNAMES | awk '{print $1}')
+mkdir -p cert_path
+
+# if there is no certificate yet, get one
+email="--email $CERT_EMAIL"
+if [ -z $CERT_EMAIL ]
+then
+    email='--register-unsafely-without-email'
+fi
+if [ ! -e $cert_path/privkey.pem ]
+then
+    names=""
+    for h in $HOSTNAMES
+    do
+        names=$(echo "$names -d $h")
+    done
+    echo "Getting new certificate..."
+    /usr/bin/curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > /etc/letsencrypt/options-ssl-nginx.conf
+    /usr/bin/curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > /etc/letsencrypt/ssl-dhparams.pem
+    /usr/bin/certbot certonly --standalone $names --agree-tos $email
+fi
+
+nginx -g "daemon off;"