Initial commit

Add nginx and certbot configurations

certbot/Dockerfile

@@ -0,0 +1,35 @@
+# Uses /ssl             volume to store certificates and read domains.txt on run_once
+# Uses /etc/letsencrypt volume to store letsencrypt data
+FROM alpine
+
+ARG EMAIL
+
+RUN apk add certbot bash
+
+RUN echo "#!/bin/sh" > /usr/bin/update_certificates && \
+    echo "certbot renew --quiet" >> /usr/bin/update_certificates && \
+    echo "cp -rL /etc/letsencrypt/live/* /ssl/" >> /usr/bin/update_certificates && \
+    \
+    mkdir -p /etc/letsencrypt /ssl/.well-known && \
+    \
+    echo "webroot-path = /ssl/" > /etc/letsencrypt/cli.ini && \
+    \
+    echo '15 2 */7 * * /usr/bin/update_certificates' > /etc/crontabs/root && \
+    \
+    echo "echo 'running with cron'" > /run_with_cron && \
+    echo "cp /etc/letsencrypt.bak/cli.ini /etc/letsencrypt/cli.ini" >> /run_with_cron && \
+    echo "crond -f" >> /run_with_cron && \
+    \
+    echo "echo 'running once'" > /run_once && \
+    echo "mv /etc/letsencrypt.bak/cli.ini /etc/letsencrypt/cli.ini" >> /run_once && \
+    echo "if [ ! -f /ssl/domains.txt ]; then echo 'No domains.txt file found in /ssl, exiting' && exit 1; fi" >> /run_once && \
+    echo 'for domain in $(cat /ssl/domains.txt); do case $domain in "#"*) :; ;; *) certbot certonly -n --authenticator webroot -d $domain; ;; esac; done' >> /run_once && \
+    echo "cp -rL /etc/letsencrypt/live/* /ssl/" >> /run_once && \
+    chmod +x /usr/bin/update_certificates
+
+RUN certbot register --email $EMAIL --non-interactive --agree-tos
+
+RUN cp -r /etc/letsencrypt /etc/letsencrypt.bak
+
+ENTRYPOINT ["/bin/sh"]
+CMD ["/run_with_cron"]