Instantly share code, notes, and snippets.

What would you like to do?
Start docker registry with letsencrypt certificates (Linux Ubuntu)
#!/usr/bin/env bash
# install docker
# install docker-compose
# install letsencrypt
# Generate SSL certificate for domain
/opt/letsencrypt/letsencrypt-auto certonly --keep-until-expiring --standalone -d --email
# Setup letsencrypt certificates renewing
line="30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew >> /var/log/letsencrypt-renew.log"
(crontab -u root -l; echo "$line" ) | crontab -u root -
# Rename SSL certificates
cd /etc/letsencrypt/live/
cp privkey.pem domain.key
cat cert.pem chain.pem > domain.crt
chmod 777 domain.crt
chmod 777 domain.key
docker run -d -p 5000:5000 --restart=always --name registry \
-v /etc/letsencrypt/live/ \
-v /opt/docker-registry:/var/lib/registry \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
# List images

This comment has been minimized.

devandroid commented Aug 18, 2017



This comment has been minimized.

czende commented Nov 13, 2017

Better Install letsencrypt with
apt-get install git
git clone /opt/letsencrypt


This comment has been minimized.

dinoba commented Dec 7, 2017

After renew you have to do "Rename SSL certificates" again and restart docker


This comment has been minimized.

dalsh commented Dec 9, 2017

chmod 777 domain.key

This does not look like a good idea ..?


This comment has been minimized.

casimiro commented Feb 1, 2018

Maybe it would be better to change the owner of domain.key instead of opening its permissions, right?


This comment has been minimized.

chrisshroba commented Jun 27, 2018

Instead of cat cert.pem chain.pem > domain.crt, I think you can just do cp fullchain.pem domain.crt. I'd love it if someone else could confirm this though!


This comment has been minimized.

dc0d commented Aug 26, 2018

How to add usernames and passwords?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment