Skip to content

Instantly share code, notes, and snippets.

@mry
Created June 5, 2017 16:56
Show Gist options
  • Save mry/b0a2d80e151343fd01061f78fc634f49 to your computer and use it in GitHub Desktop.
Save mry/b0a2d80e151343fd01061f78fc634f49 to your computer and use it in GitHub Desktop.
LetsEncrypt Dockerized service for automatically maintaining certificates using nginx
version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy
container_name: nginx-proxy
logging:
driver: splunk
options:
splunk-url: https://10.0.1.29:8088
splunk-token: 43D65CB7-4AE8-4ABD-B402-C345781009D4
splunk-insecureskipverify: 'true'
splunk-format: json
splunk-verify-connection: 'false'
splunk-source: letsencrypt-nginx-proxy
ports:
- '80:80'
- '443:443'
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- /etc/nginx/vhost.d # to update vhost configuration
- /usr/share/nginx/html # to write challenge files
- ./certs:/etc/nginx/certs:ro # update this to change cert location
web:
image: 'nginx'
container_name: nginx-web
logging:
driver: splunk
options:
splunk-url: https://10.0.1.29:8088
splunk-token: 43D65CB7-4AE8-4ABD-B402-C345781009D4
splunk-insecureskipverify: 'true'
splunk-format: json
splunk-verify-connection: 'false'
splunk-source: letsencrypt-nginx-web
#tag: {{.Name}}/{{.FullID}}
expose:
- '80'
environment:
- VIRTUAL_HOST=rylander.io,humle.rylander.io,dumle.rylander.io,synods01.rylander.io,synods02.rylander.io,fw.rylander.io,humle-ilo.rylander.io,dumle-ilo.rylander.io,proget.rylander.io,unifi.rylander.io,couchpotato.rylander.io,jira.rylander.io,confluence.rylander.io,gitlab.rylander.io,artifactory.rylander.io,splunk.rylander.io
- VIRTUAL_PORT=80
- LETSENCRYPT_TEST=false
- LETSENCRYPT_HOST=rylander.io,humle.rylander.io,dumle.rylander.io,synods01.rylander.io,synods02.rylander.io,fw.rylander.io,humle-ilo.rylander.io,dumle-ilo.rylander.io,proget.rylander.io,unifi.rylander.io,couchpotato.rylander.io,jira.rylander.io,confluence.rylander.io,gitlab.rylander.io,artifactory.rylander.io,splunk.rylander.io
- LETSENCRYPT_EMAIL=mattias.rylander@gmail.com
ssl-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: ssl-companion
logging:
driver: splunk
options:
splunk-url: https://10.0.1.29:8088
splunk-token: 43D65CB7-4AE8-4ABD-B402-C345781009D4
splunk-insecureskipverify: 'true'
splunk-format: json
splunk-verify-connection: 'false'
splunk-source: letsencrypt-ssl-companion
dns:
- '8.8.8.8'
- '8.8.4.4'
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro #companion maps differently
- ./certs:/etc/nginx/certs:rw # same path as above, now RW
volumes_from:
- nginx-proxy
depends_on:
- nginx-proxy
@mry
Copy link
Author

mry commented Jun 5, 2017

Requires docker >= 1.13 due to Splunk logging

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment