Skip to content

Instantly share code, notes, and snippets.

@fprochazka fprochazka/
Last active Jun 12, 2018

What would you like to do?


create cert

https-cert-create com.filip-prochazka.ini

renev cert

setup the crontab under root

# Run cerbot in a container
set -e
# Setup volume mounts for compose config and context
if [ "$(pwd)" != '/' ]; then
VOLUMES="-v $(pwd):$(pwd)"
VOLUMES="$VOLUMES -v /etc/letsencrypt:/etc/letsencrypt"
VOLUMES="$VOLUMES -v /var/lib/letsencrypt:/var/lib/letsencrypt"
# nginx vhosts
# correct path is configured in config
VOLUMES="$VOLUMES -v /srv:/srv"
# Only allocate tty if we detect one
if [ -t 1 ]; then
if [ -t 0 ]; then
exec docker run --rm --name certbot $DOCKER_RUN_OPTIONS $VOLUMES -w "$(pwd)" $IMAGE "$@"
# Use a 4096 bit RSA key instead of 2048
rsa-key-size = 4096
# Register with the specified e-mail address
email =
# Generate certificates for the specified domains.
domains =,
# Uncomment to use a text interface instead of ncurses
# text = True
# Uncomment to use the standalone authenticator on port 443
# authenticator = standalone
# standalone-supported-challenges = tls-sni-01
# Uncomment to use the webroot authenticator. Replace webroot-path with the
# path to the public_html / webroot folder being served by your web server.
authenticator = webroot
webroot-path = /srv/
# m h dom mon dow command
0 1 * * * sh -c '/usr/local/bin/https-cert-renew && /usr/sbin/service nginx reload && echo "nginx reloaded"' 2>&1 | logger --tag certbot -p
exec /usr/local/bin/certbot certonly -n --agree-tos -m "" --config $1
exec /usr/local/bin/certbot renew -n --agree-tos -m "" $@
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.