$ openssl genrsa -out private.key 4096
openssl req -new -sha256 \
A lot of people run into the problem of running Let's Encrypt's CertBot Tool and an NGINX on the same container host. A big part of this has to do with CertBot needing either port 80 or 443 open for the tool to work as intended. This tends to conflict with NGINX as most people usually use port 80 (HTTP) or 443 (HTTPS) for their reverse proxy. Section 1 outlines how to configure NGINX to get this to work, and Section 2 is the Docker command to run CertBot.
I use Docker Compose (docker-compose) for my NGINX server. My docker-compose.yml file looks something like this:
<!-- Amazon S3 --> | |
<link rel="dns-prefetch" href="//s3.amazonaws.com"> | |
<!-- Google CDN --> | |
<link rel="dns-prefetch" href="//ajax.googleapis.com"> | |
<!-- Microsoft CDN --> | |
<link rel="dns-prefetch" href="//ajax.microsoft.com"> | |
<link rel="dns-prefetch" href="//ajax.aspnetcdn.com"> |
# to generate your dhparam.pem file, run in the terminal | |
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
create folder | |
1) | |
mkdir docker-compose-pg | |
cd docker-compose-pg | |
2) | |
vi docker-compose.yml | |
insert this text: | |
" |
# Assumes the database container is named 'db' | |
DOCKER_DB_NAME="$(docker-compose ps -q db)" | |
DB_HOSTNAME=db | |
DB_USER=postgres | |
LOCAL_DUMP_PATH="path/to/local.dump" | |
docker-compose up -d db | |
docker exec -i "${DOCKER_DB_NAME}" pg_restore -C --clean --no-acl --no-owner -U "${DB_USER}" -d "${DB_HOSTNAME}" < "${LOCAL_DUMP_PATH}" | |
docker-compose stop db |
# Image neeeds to have ssh-client | |
image: docker:git | |
services: | |
- docker:dind | |
stages: | |
- staging | |
before_script: | |
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY |
Vagrant.configure("2") do |config| | |
config.vm.box = "maier/alpine-3.3.1-x86_64" | |
config.vm.network "public_network", ip: "192.168.1.31", auto_config: true | |
config.vm.synced_folder ".", "/vagrant", disabled: true | |
config.vm.provider "virtualbox" do |vb| | |
vb.name = 'Alpine1' | |
vb.cpus = 1 | |
vb.memory = 1024 | |
#vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] | |
# Display the VirtualBox GUI when booting the machine |
sudo sysctl net.ipv4.conf.all.forwarding=1 | |
sudo sysctl net.bridge.bridge-nf-call-iptables=1 | |
sudo sysctl net.bridge.bridge-nf-call-ip6tables=1 | |
//or | |
/sbin/sysctl -w net.ipv4.conf.all.forwarding=1 | |
/sbin/sysctl -w net.bridge.bridge-nf-call-ip6tables=1 | |
/sbin/sysctl -w net.bridge.bridge-nf-call-iptables=1 |
git config --global core.autocrlf false | |
git config core.eol lf | |
git config core.autocrlf input |