Last active
August 17, 2019 05:03
-
-
Save angeloreale/0cc08ad4ed390e922652a60b6327480a to your computer and use it in GitHub Desktop.
Dockerizing Certbot and automatically renewing Let’s Encrypt certificates with Shell Script and Crontab
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### certbot-autorenewal.sh | |
| #!/bin/bash | |
| cd /home/{your-docker-compose-folder} | |
| echo "--------------- RENEWING CERTS ---------------" | |
| docker-compose up certbot-site1.com | |
| docker-compose up certbot-site2.com | |
| etc... | |
| echo "--------------- RESTARTING NGINX ---------------" | |
| service nginx restart |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### sudo crontab | |
| # make script executable via bash | |
| cd /path/to/script | |
| sudo chmod +x ./certbot-autorenewal.sh | |
| # open sudo crontab from bash | |
| sudo crontab -e | |
| # add the following line to the bottom | |
| 0 0 10 * * /bin/bash /home/{path-to-shell-script}/certbot-autorenewal.sh >> /home/{crontab-logs-path}/crontab.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### docker-compose.yml | |
| services: | |
| certbot-site1.com: | |
| container_name: certbot-site1.com | |
| image: certbot/certbot | |
| volumes: | |
| - ./certs/etc/letsencrypt/:/etc/letsencrypt/ | |
| - ./sites/site1/:/var/www/site1.com | |
| command: certonly --webroot --cert-name site1.admin.com --email adm@site1.com --agree-tos --no-eff-email --renew-by-default -w /var/www/site1.com/{webroot} -d site1.com,www.site1.com | |
| certbot-site2.com: | |
| container_name: certbot-site2.com | |
| image: certbot/certbot | |
| volumes: | |
| - ./certs/etc/letsencrypt/:/etc/letsencrypt/ | |
| - ./sites/site2.com/:/var/www/site2.com | |
| command: certonly --webroot --cert-name site2.admin.com --email adm@site2.com --agree-tos --no-eff-email --renew-by-default -w /var/www/site2.com -d site2.com,www.site2.com | |
| etc... | |
| -------------------------- | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment