Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/atomgraph/letsencrypt-nginx-unprivileged

Unprivileged (non-root) nginx Docker image which waits for the upstream server with LetsEncrypt certificate support
https://github.com/atomgraph/letsencrypt-nginx-unprivileged

http-server letsencrypt nginx nginx-unprivileged

Last synced: 9 months ago
JSON representation

Unprivileged (non-root) nginx Docker image which waits for the upstream server with LetsEncrypt certificate support

Awesome Lists containing this project

README 

          
# nginx

Unprivileged nginx Docker image with [awscliv2](https://pypi.org/project/awscliv2/) and [python3-certbot-dns-route53](https://certbot-dns-route53.readthedocs.io/) installed.



# Usage



## Server certificate



If `$GENERATE_SERVER_CERT=true` and `$SERVER_NAME` is set (to the hostname of the server, e.g. `localhost`), a self-signed server certificate and private key will be generated under `$SERVER_CERT_FILE` (by default `/etc/nginx/ssl/server.crt`) and `$SERVER_KEY_FILE` (by default `/etc/nginx/ssl/server.key`), respectively.



## Upstream sever



If `$UPSTREAM_SERVER` is supplied, then the entrypoint script will ping that host for a `$TIMEOUT` number of seconds (the default is 10).



If the host responds during that period, the entrypoint command is executed. Otherwise the script exits.



# Example



Using `docker-compose.yml`:



    version: "2.3"

    services:

      nginx:

        image: atomgraph/nginx

        environment:

          - GENERATE_SERVER_CERT=true

          - SERVER_NAME=localhost

          - UPSTREAM_SERVER=tomcat

        command: nginx -g 'daemon off;'

        volumes:

          - ./certs:/etc/nginx/ssl