meta data for this page
nginx with certbot by Jonas Alfredsson
https://github.com/JonasAlfredsson/docker-nginx-certbot/
- Prepare the Installation
mkdir -p /etc/nginx/user_conf.d/ mkdir -p /etc/nginx/nginx_secrets/ ufw allow 80 ufw allow 443
Change email in the following command!
- Run the Container
docker run -it -p 80:80 -p 443:443 \ --env CERTBOT_EMAIL=<INSERT@E.MAIL> \ -v /etc/nginx/nginx_secrets:/etc/letsencrypt \ -v /etc/nginx/user_conf.d:/etc/nginx/user_conf.d:ro \ --name nginx-certbot jonasal/nginx-certbot:latest
Replace all CAPITALIZED items in the following example!
- EXAMPLE: /etc/nginx/user_conf.d/NAME_OF_CONF.conf
server { listen 443 ssl; # Domain names this server should respond to. server_name SUBDOMAIN; # Load the certificate files. ssl_certificate /etc/letsencrypt/live/uptime/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/uptime/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/uptime/chain.pem; # Load the Diffie-Hellman parameter. ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem; # Configure the proxy specifics. location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_http_version 1.1; proxy_pass http://FULLY_QUALIFIED_DOMAIN_NAME_OF_HOST:PORT_OF_CONTAINER_BEHIND_PROXY; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }
- Force Certificate Check
docker kill --signal=HUP nginx-certbot