Aleksei Sokol
7499e55ce6
Changes: - fix README.md old json format usage - rename "redirect" option to "proxy_pass" - move docker-compose.yml and nginx.conf.j2 to examples and add to .gitignore - fix situation when one domain from domains.txt and servers.yaml appeared twice in nginx.conf
1.4 KiB
ssl_nginx hosting
Preparation
-
Copy and edit (if needed) nginx/nginx.conf.j2 file.
-
Add your certified domains to nginx/domains.txt file (example).
These domains will be used by certbot to monitor and update (if possible) certificates. Nginx will also setup http server for the given entries.
However if the domain is set both in domains.txt and servers.yaml (next step), nginx will use https with certificates at the given path. That will fail nginx startup if the certificate to at least one domain is missing (--http-only option will skip domains.txt check).
-
Add your servers section configuration to nginx/servers.yaml (example).
User email used for certbot can be set as environment variable at build process or in .env file.
Usage
For the first time you should run (run_once.d-c.yml)[run_once.d-c.yml] docker-compose file to get certificates.
You can use (run_once.sh)[run_once.sh] script for this.
After it, docker compose up should do the trick. Certificates update attempt will be performed automatically at 02:15
on each seventh day of month. (set in Dockerfile of certbot and nginx).
certbot_manual.sh
This sceipt is available to perform manual certificates obtaining. One can use it to get a wildcard certificate for example (not available for automatic generation without an appropriate plugin).