Skip to content

Instantly share code, notes, and snippets.

Last active October 29, 2023 18:26
Star You must be signed in to star a gist
Save PieterScheffers/63e4c2fd5553af8a35101b5e868a811e to your computer and use it in GitHub Desktop.
Start docker registry with letsencrypt certificates (Linux Ubuntu)
#!/usr/bin/env bash
# install docker
# install docker-compose
# install letsencrypt
# Generate SSL certificate for domain
/opt/letsencrypt/letsencrypt-auto certonly --keep-until-expiring --standalone -d --email
# Setup letsencrypt certificates renewing
line="30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew >> /var/log/letsencrypt-renew.log"
(crontab -u root -l; echo "$line" ) | crontab -u root -
# Rename SSL certificates
cd /etc/letsencrypt/live/
cp privkey.pem domain.key
cat cert.pem chain.pem > domain.crt
chmod 777 domain.crt
chmod 777 domain.key
docker run -d -p 5000:5000 --restart=always --name registry \
-v /etc/letsencrypt/live/ \
-v /opt/docker-registry:/var/lib/registry \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
# List images
Copy link


Copy link

czende commented Nov 13, 2017

Better Install letsencrypt with
apt-get install git
git clone /opt/letsencrypt

Copy link

dinoba commented Dec 7, 2017

After renew you have to do "Rename SSL certificates" again and restart docker

Copy link

dalsh commented Dec 9, 2017

chmod 777 domain.key

This does not look like a good idea ..?

Copy link

casimiro commented Feb 1, 2018

Maybe it would be better to change the owner of domain.key instead of opening its permissions, right?

Copy link

Instead of cat cert.pem chain.pem > domain.crt, I think you can just do cp fullchain.pem domain.crt. I'd love it if someone else could confirm this though!

Copy link

dc0d commented Aug 26, 2018

How to add usernames and passwords?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment