Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/vlauciani/nginx-certbot
https://github.com/vlauciani/nginx-certbot
Last synced: 25 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/vlauciani/nginx-certbot
- Owner: vlauciani
- License: bsd-3-clause
- Created: 2024-06-28T11:41:13.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-07-06T15:05:19.000Z (6 months ago)
- Last Synced: 2024-07-07T16:15:42.380Z (6 months ago)
- Language: Shell
- Size: 17.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Authors: AUTHORS.md
Awesome Lists containing this project
README
[](https://github.com/vlauciani/nginx-certbot/blob/main/LICENSE)
[](https://github.com/vlauciani/nginx-certbot/issues)
[](https://hub.docker.com/r/vlauciani/nginx-certbot)
[](https://github.com/vlauciani/nginx-certbot/actions)
[](https://github.com/vlauciani/nginx-certbot)
# nginx-certbot
## Getting started
### Run container
Run container in _daemon_ mode (see below for _ENVIRONMENTS_ details):
```sh
docker run -d \
--restart always \
-p80:80 \
-p443:443 \
--name nginx-certbot \
-e [email protected] \
-e [email protected] \
-e HOST_SMTP=smtp.example.com \
-e CERTBOT_ENABLE_RENEW=1 \
-e CERTBOT_CA_HOST=https://acme.sectigo.com/v2/OV \
-v $(pwd)/volumes/etc/letsencrypt:/etc/letsencrypt \
vlauciani/nginx-certbot
```
_ONLY FIRST TIME_ you need to register ACME account into the _nginx-certbot_ running container:
```sh
docker exec -it nginx-certbot certbot register --server https://acme.sectigo.com/v2/OV --email --eab-kid --eab-hmac-key
```
Get the certificate, install it, and _automatically_ restart _Nginx_ (the `server_name` in the _Nginx_ configuration must match the domain specified with `--domain` option):
```sh
docker exec -it nginx-certbot certbot --nginx --non-interactive --server https://acme.sectigo.com/v2/OV -v --cert-name --domain
```
### Environment variable
With _environment_ variables you can set:
1. `CERTBOT_ENABLE_RENEW=1` (default `0`): execute every 12h
2. `CERTBOT_ENABLE_RENEW_SEND_EMAIL=1` (default `0`): used to send en e-mail on each renew
3. `HOST_SMTP=smtp.example.com` (default _not set_): It is used to set SMTP host to send an email at each _renew_; Works only on port `25`.
4. `[email protected]` (default _not set_): Set the sender
5. `[email protected]` (default _not set_): Set the receiver
6. `CERTBOT_CA_HOST=https://acme.sectigo.com/v2/OV` (default `https://acme.sectigo.com/v2/OV`): Set CA Remote server
### _Manual_ operations
#### renew certificate
```sh
docker exec -it nginx-certbot certbot renew --server https://acme.sectigo.com/v2/OV -v
```
#### revoke certificate
```sh
docker exec -it nginx-certbot certbot revoke --server https://acme.sectigo.com/v2/OV -v --cert-name
```
#### delete certificate
```sh
docker exec -it nginx-certbot certbot delete --server https://acme.sectigo.com/v2/OV -v --cert-name
```
### Build docker images by _yourself_
Instead of using the _pre_-built docker image, you can build the Docker image by _yourself_:
```sh
docker build -t vlauciani/nginx-certbot .
```
### Use in `docker compose`
Example:
```sh
services:
nginx:
image: vlauciani/nginx-certbot:latest
restart: always
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
- ./nginx/conf.d:/etc/nginx/conf.d
- ./letsencrypt:/etc/letsencrypt
ports:
- 443:443
environment:
- CERTBOT_ENABLE_RENEW=1
- CERTBOT_ENABLE_RENEW_SEND_EMAIL=1
- HOST_SMTP=ssmail.rm.ingv.it
- [email protected]
- [email protected]
- CERTBOT_CA_HOST=https://acme.sectigo.com/v2/OV
```
## Contribute
Thanks to your contributions!
Here is a list of users who already contributed to this repository: \
