Skip to content

Instantly share code, notes, and snippets.

@marcelo-ochoa
Last active January 22, 2021 13:21
Show Gist options
  • Save marcelo-ochoa/06c0cfb57681977296b2f4fc8ec7c47d to your computer and use it in GitHub Desktop.
Save marcelo-ochoa/06c0cfb57681977296b2f4fc8ec7c47d to your computer and use it in GitHub Desktop.
version: '3.6'
x-default-opts:
&default-opts
image: certbot-oci:v1.10.1
volumes:
- certs-repo:/etc/letsencrypt
environment:
OCID: ocid1.loadbalancer.oc1.iad.nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn
RENEWED_DOMAINS: dev-oci.mydomain.com
deploy:
mode: replicated
replicas: 0
restart_policy:
condition: none
labels:
- traefik.enable=true
- traefik.docker.network=lb_network
- traefik.constraint-label=traefik-public
- traefik.http.routers.certbot.rule=PathPrefix(`/.well-known`)
- traefik.http.services.certbot.loadbalancer.server.port=80
networks:
- lb_network
services:
certbot:
<<: *default-opts
entrypoint: /bin/sh -c
command:
- tail -f /dev/null
renew:
<<: *default-opts
ntrypoint: /bin/sh -c
command:
- sleep 60 && certbot certonly --force-renewal --standalone -n --post-hook /create-lb-certs.sh -d dev-oci.mydomain.com,registry.mydomain.com
volumes:
certs-repo:
driver: s3fs
name: "certs"
networks:
lb_network:
external: true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment