Last active
December 4, 2020 08:44
-
-
Save wzulfikar/957917c8ad84a6047bdb0831215daa51 to your computer and use it in GitHub Desktop.
Setup nginx with letsencrypt automatic https using docker. Tested on Ubuntu.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# File: /opt/nginx-proxy/run.sh | |
# If you are on ubuntu and have docker installed, you can automate the setup by running below command. | |
# Make sure to adjust the DEFAULT_EMAIL and WORKDIR according to your need. The command: | |
: ' | |
export DEFAULT_EMAIL=myemail@mydomain.com WORKDIR=/opt/nginx-proxy && \ | |
sudo mkdir ${WORKDIR} && \ | |
curl -o /tmp/nginx-proxy.sh https://gist.githubusercontent.com/wzulfikar/957917c8ad84a6047bdb0831215daa51/raw/cf7acfe4fecbcd2cd9acf83ef0382cfc03fbbc63/run.sh && \ | |
sed -i "s/DEFAULT_EMAIL=\(.*\) #/DEFAULT_EMAIL=${DEFAULT_EMAIL} #/" /tmp/nginx-proxy.sh && \ | |
sudo mv /tmp/nginx-proxy.sh ${WORKDIR}/run.sh && \ | |
sudo chmod +x ${WORKDIR}/run.sh && \ | |
sudo ${WORKDIR}/run.sh | |
' | |
# P.S: You don't need sudo if you have configured your docker to run without sudo. | |
DEFAULT_EMAIL=myemail@domain.com # Add your email for letsencrypt notifications | |
WORKDIR=/opt/nginx-proxy # Directory where this script is stored | |
# Create optional config | |
if [ ! -f "network_internal.conf" ]; then | |
touch ${WORKDIR}/network_internal.conf | |
echo '# Add config to restrict containers to internal network only.' >> ${WORKDIR}/network_internal.conf | |
echo '# See: https://github.com/nginx-proxy/nginx-proxy#internet-vs-local-network-access' >> ${WORKDIR}/network_internal.conf | |
fi | |
# run nginx-proxy | |
docker run --detach \ | |
--restart unless-stopped \ | |
--name nginx-proxy \ | |
--publish 80:80 \ | |
--publish 443:443 \ | |
--volume ${WORKDIR}/network_internal.conf:/etc/nginx/network_internal.conf \ | |
--volume /etc/nginx/certs \ | |
--volume /etc/nginx/vhost.d \ | |
--volume /usr/share/nginx/html \ | |
--volume /var/run/docker.sock:/tmp/docker.sock:ro \ | |
jwilder/nginx-proxy | |
# run letsencrypt-nginx-proxy-companion | |
docker run --detach \ | |
--name nginx-proxy-letsencrypt \ | |
--restart unless-stopped \ | |
--volumes-from nginx-proxy \ | |
--volume /var/run/docker.sock:/var/run/docker.sock:ro \ | |
--env "DEFAULT_EMAIL=${DEFAULT_EMAIL}" \ | |
jrcs/letsencrypt-nginx-proxy-companion |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is a sample output of how it looks like if you use the command (line 8-14) to do the setup.
In image:
Once done, this setup will watch for any new containers that have environment variable
VIRTUAL_HOST
andLETSENCRYPT_HOST
configured.For example, if you have a wordpress container that has env value of
VIRTUAL_HOST=mydomain.com
andLETSENCRYPT_HOST=mydomain.com
, this setup will create the corresponding letsencrypt certificate for the domain.