crazywoola
5da0182800
docs: replace docker-compose with docker compose (#8195)
|
7 bulan lalu | |
|---|---|---|
| .. | ||
| README.md | 7 bulan lalu | |
| docker-entrypoint.sh | 8 bulan lalu | |
| update-cert.template.txt | 8 bulan lalu | |
README.md
Launching new servers with SSL certificates
Short description
docker compose certbot configurations with Backward compatibility (without certbot container).
Use docker compose --profile certbot up to use this features.
The simplest way for launching new servers with SSL certificates
Get letsencrypt certs
set.envvaluesNGINX_SSL_CERT_FILENAME=fullchain.pem NGINX_SSL_CERT_KEY_FILENAME=privkey.pem NGINX_ENABLE_CERTBOT_CHALLENGE=true CERTBOT_DOMAIN=your_domain.com CERTBOT_EMAIL=example@your_domain.comexecute command:
docker network prune docker compose --profile certbot up --force-recreate -dthen after the containers launched:
docker compose exec -it certbot /bin/sh /update-cert.shEdit
.envfile anddocker compose --profile certbot upagain.
set.envvalue additionallyNGINX_HTTPS_ENABLED=trueexecute command:
docker compose --profile certbot up -d --no-deps --force-recreate nginxThen you can access your serve with HTTPS.
https://your_domain.com
SSL certificates renewal
For SSL certificates renewal, execute commands below:
docker compose exec -it certbot /bin/sh /update-cert.sh docker compose exec nginx nginx -s reload
Options for certbot
CERTBOT_OPTIONS key might be helpful for testing. i.e.,
CERTBOT_OPTIONS=--dry-run
To apply changes to CERTBOT_OPTIONS, regenerate the certbot container before updating the certificates.
docker compose --profile certbot up -d --no-deps --force-recreate certbot
docker compose exec -it certbot /bin/sh /update-cert.sh
Then, reload the nginx container if necessary.
docker compose exec nginx nginx -s reload
For legacy servers
To use cert files dir nginx/ssl as before, simply launch containers WITHOUT --profile certbot option.
docker compose up -d