example - wildcard certificate with certbot

2021-04-26 17:44:48 +02:00 · 2021-04-26 17:44:48 +02:00 · 25494acace
parent a98dae1fb6
commit 25494acace
4 changed files with 69 additions and 0 deletions
--- a/examples/certbot-wildcard/certbot-wildcard.sh
+++ b/examples/certbot-wildcard/certbot-wildcard.sh
@ -0,0 +1,19 @@
+#!/bin/sh
+
+# you need to run it before starting bunkerized-nginx
+# since it's manual there is no auto renew, you need to run it again before it expires
+
+# ask for wildcard certificate
+# it's interactive and you will need to add a DNS entry
+docker run --rm -it -v "${PWD}/letsencrypt:/etc/letsencrypt" certbot/certbot certonly --manual -d *.website.com --agree-tos --no-bootstrap
+
+# fix permissions
+chown -R 101:101 "${PWD}/letsencrypt/live"
+
+# reload nginx if it's already running (in case of a "renew")
+if [ -z `docker-compose ps -q mywww` ] || [ -z `docker ps -q --no-trunc | grep $(docker-compose ps -q mywww)` ]; then
+	echo "bunkerized-nginx is not running, skipping nginx reload"
+else
+	echo "bunkerized-nginx is running, sending reload order"
+	docker-compose exec mywww nginx -s reload
+fi
--- a/examples/certbot-wildcard/docker-compose.yml
+++ b/examples/certbot-wildcard/docker-compose.yml
@ -0,0 +1,40 @@
+version: '3'
+
+services:
+
+  mywww:
+    image: bunkerity/bunkerized-nginx
+    restart: always
+    ports:
+      - 80:8080
+      - 443:8443
+    volumes:
+      - ./web-files:/www:ro
+      - ./letsencrypt/live/website.com:/certs:ro
+    environment:
+      - SERVER_NAME=app1.website.com app2.website.com # replace with your domains
+      - MULTISITE=yes
+      - USE_CUSTOM_HTTPS=yes
+      - CUSTOM_HTTPS_CERT=/certs/fullchain.pem
+      - CUSTOM_HTTPS_KEY=/certs/privkey.pem
+      - REDIRECT_HTTP_TO_HTTPS=yes
+      - DISABLE_DEFAULT_SERVER=yes
+      - USE_CLIENT_CACHE=yes
+      - USE_GZIP=yes
+      - USE_BROTLI=yes
+      - app1.website.com_REMOTE_PHP=myapp1
+      - app1.website.com_REMOTE_PHP_PATH=/app
+      - app2.website.com_REMOTE_PHP=myapp2
+      - app2.website.com_REMOTE_PHP_PATH=/app
+
+  myapp1:
+    image: php:fpm
+    restart: always
+    volumes:
+      - ./web-files/app1.website.com:/app
+
+  myapp2:
+    image: php:fpm
+    restart: always
+    volumes:
+      - ./web-files/app2.website.com:/app
--- a/examples/certbot-wildcard/web-files/app1.website.com/index.php
+++ b/examples/certbot-wildcard/web-files/app1.website.com/index.php
@ -0,0 +1,5 @@
+<?php
+
+echo "hello from app1 !";
+
+?>
--- a/examples/certbot-wildcard/web-files/app2.website.com/index.php
+++ b/examples/certbot-wildcard/web-files/app2.website.com/index.php
@ -0,0 +1,5 @@
+<?php
+
+echo "hello from app2 !";
+
+?>