Skip to content

Instantly share code, notes, and snippets.

@wzulfikar

wzulfikar/run.sh

Last active December 4, 2020 08:44
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wzulfikar/957917c8ad84a6047bdb0831215daa51 to your computer and use it in GitHub Desktop.
Save wzulfikar/957917c8ad84a6047bdb0831215daa51 to your computer and use it in GitHub Desktop.
Download ZIP
Setup nginx with letsencrypt automatic https using docker. Tested on Ubuntu.
Raw
run.sh
#!/bin/sh
# File: /opt/nginx-proxy/run.sh
# If you are on ubuntu and have docker installed, you can automate the setup by running below command.
# Make sure to adjust the DEFAULT_EMAIL and WORKDIR according to your need. The command:
: '
export DEFAULT_EMAIL=myemail@mydomain.com WORKDIR=/opt/nginx-proxy && \
sudo mkdir ${WORKDIR} && \
curl -o /tmp/nginx-proxy.sh https://gist.githubusercontent.com/wzulfikar/957917c8ad84a6047bdb0831215daa51/raw/cf7acfe4fecbcd2cd9acf83ef0382cfc03fbbc63/run.sh && \
sed -i "s/DEFAULT_EMAIL=\(.*\) #/DEFAULT_EMAIL=${DEFAULT_EMAIL} #/" /tmp/nginx-proxy.sh && \
sudo mv /tmp/nginx-proxy.sh ${WORKDIR}/run.sh && \
sudo chmod +x ${WORKDIR}/run.sh && \
sudo ${WORKDIR}/run.sh
'
# P.S: You don't need sudo if you have configured your docker to run without sudo.
DEFAULT_EMAIL=myemail@domain.com # Add your email for letsencrypt notifications
WORKDIR=/opt/nginx-proxy # Directory where this script is stored
# Create optional config
if [ ! -f "network_internal.conf" ]; then
touch ${WORKDIR}/network_internal.conf
echo '# Add config to restrict containers to internal network only.' >> ${WORKDIR}/network_internal.conf
echo '# See: https://github.com/nginx-proxy/nginx-proxy#internet-vs-local-network-access' >> ${WORKDIR}/network_internal.conf
fi
# run nginx-proxy
docker run --detach \
--restart unless-stopped \
--name nginx-proxy \
--publish 80:80 \
--publish 443:443 \
--volume ${WORKDIR}/network_internal.conf:/etc/nginx/network_internal.conf \
--volume /etc/nginx/certs \
--volume /etc/nginx/vhost.d \
--volume /usr/share/nginx/html \
--volume /var/run/docker.sock:/tmp/docker.sock:ro \
jwilder/nginx-proxy
# run letsencrypt-nginx-proxy-companion
docker run --detach \
--name nginx-proxy-letsencrypt \
--restart unless-stopped \
--volumes-from nginx-proxy \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
--env "DEFAULT_EMAIL=${DEFAULT_EMAIL}" \
jrcs/letsencrypt-nginx-proxy-companion
@wzulfikar
Copy link
Author

This is a sample output of how it looks like if you use the command (line 8-14) to do the setup.

In image:

  • First red line is where I ran the command
  • Second red line is where I check the logs of letsencrypt container to verify that it's running

Snipaste_2020-12-04_10-11-52_setup-nginx-with-letsencrypt-using-docker

Once done, this setup will watch for any new containers that have environment variable VIRTUAL_HOST and LETSENCRYPT_HOST configured.

For example, if you have a wordpress container that has env value of VIRTUAL_HOST=mydomain.com and LETSENCRYPT_HOST=mydomain.com, this setup will create the corresponding letsencrypt certificate for the domain.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment