From 9bc4351c9fe9cbe39525fe0e74985dbb7fefb6c0 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sun, 10 Oct 2021 16:05:51 +0900 Subject: [PATCH] Make container use nginx --- Dockerfile | 2 +- README.md | 17 +++++++++++++++++ entrypoint.sh | 9 +++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4b96f54..d6bea65 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.14 +FROM nginx:1.21.3-alpine RUN apk update RUN apk add certbot diff --git a/README.md b/README.md index 8eae311..638c6d4 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,8 @@ services**. certificates, so that non-root users can access the certificates. Set the LEAVE_PERMISSIONS_AS_IS environment variable to instruct the container not to change permissions +* If you setup the variable NGINX to any value, the container will + start nginx and reload after trying to renew the certificate ``` docker run -e DOMAIN=example.com \ @@ -28,6 +30,21 @@ docker run -e DOMAIN=example.com \ ungleich/ungleich-certbot ``` +### Nginx support + +Using + +``` +docker run -e DOMAIN=example.com \ + -e EMAIL=root@example.com \ + -e NGINX=yes \ + -e STAGING=no \ + ungleich/ungleich-certbot +``` + +you will get a proper, real world usable nginx server. Inject the +nginx configuration by meains of a volume to /etc/nginx/conf.d + ### Exiting after getting the certificate By default, the container will stay alive and try to renew the diff --git a/entrypoint.sh b/entrypoint.sh index 5e644b8..05dc42a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -33,6 +33,12 @@ if [ "$ONLYGETCERT" ]; then exit 0 fi +# Still there? Start nginx if requested + +if [ "$NGINX" ]; then + nginx +fi + # Try to renew once per day while true; do /usr/bin/certbot renew @@ -46,5 +52,8 @@ while true; do [ "$ONLYRENEWCERTSONCE" ] && exit 0 + # reload nginx if we are running it + [ "$NGINX" ] && pkill -1 nginx + sleep 86400 done