Created
July 9, 2020 15:00
Nazmul Alam created this gist
Jul 9, 2020
@@ -0,0 +1,11 @@ FROM ubuntu:18.04 ENV DEBIAN_FRONTEND noninteractive RUN add-apt-repository -y ppa:certbot/certbot && \ apt-get install -yq certbot python3-certbot-dns-cloudflare curl COPY certbot.sh /tmp COPY ./init.sh /tmp ENTRYPOINT /bin/bash /tmp/init.sh && /bin/bash
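Review bot: The `RUN` step calls `add-apt-repository` on a bare `ubuntu:18.04` base, which does not ship that command (it is provided by `software-properties-common`), and no `apt-get update` runs before or after the PPA is added, so the build is likely to stop at this layer. Suggested opening for the step: `RUN apt-get update && apt-get install -yq software-properties-common && add-apt-repository -y ppa:certbot/certbot && apt-get update && \`, followed by the existing `apt-get install` line. The script copied in as `certbot.sh` appears to call `sudo`, which this image never installs; either add it to the install list or drop the `sudo` prefixes if the container runs as root.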
@@ -0,0 +1,35 @@ #!/bin/bash if [[ $DOMAIN == "local" ]]; then if [ ! -d /etc/letsencrypt/live/local ]; then sudo mkdir -p /etc/letsencrypt/live/local fi sudo openssl genrsa -out "/etc/letsencrypt/live/local/privkey.pem" 2048 sudo openssl req -new -key "/etc/letsencrypt/live/local/privkey.pem" -out "/etc/letsencrypt/live/local/cert.pem" -subj "/CN=default/O=default/C=UK" sudo openssl x509 -req -days 365 -in "/etc/letsencrypt/live/local/cert.pem" -signkey "/etc/letsencrypt/live/local/privkey.pem" -out "/etc/letsencrypt/live/local/fullchain.pem" echo "Generated local certificates" else echo "dns_cloudflare_email = $CERTBOT_CLOUDFLARE_EMAIL" > ~/cloudflare.ini echo "dns_cloudflare_api_key = $CERTBOT_CLOUDFLARE_API" >> ~/cloudflare.ini if [ ! -d /etc/letsencrypt/live/$DOMAIN ]; then sudo certbot certonly \ --dns-cloudflare \ --dns-cloudflare-credentials ~/cloudflare.ini \ --agree-tos \ --email $CERTBOT_EMAIL \ --non-interactive \ -d $DOMAIN -d *.$DOMAIN if [ ! -d /etc/letsencrypt/live/$DOMAIN ]; then sudo cp -r /etc/letsencrypt/live/$DOMAIN /etc/letsencrypt/live/$DOMAIN fi fi rm ~/cloudflare.ini fi mkdir /tmp/ssl sudo cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem > /tmp/ssl/fullchain.pem sudo cat /etc/letsencrypt/live/$DOMAIN/privkey.pem > /tmp/ssl/privkey.pem sudo cat /etc/letsencrypt/live/$DOMAIN/cert.pem > /tmp/ssl/cert.pem sudo cp /tmp/ssl/* /etc/nginx-ssl
@@ -0,0 +1,3 @@ if [ ! -f /etc/nginx-ssl/cert.pem ]; then bash /tmp/certbot.sh fi
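Review bot: In the 35-line certificate script, the Cloudflare credentials file and the staged private key are both created under the default umask: `echo ... > ~/cloudflare.ini` and `sudo cat ... > /tmp/ssl/privkey.pem` (the redirect is opened by the calling shell, not by sudo), and the `/tmp/ssl` copies are never removed afterwards. Set `umask 077` before the first write and install the files straight from the live directory into `/etc/nginx-ssl` rather than staging them under `/tmp`. `$DOMAIN` and `$CERTBOT_EMAIL` are also expanded unquoted, so `-d *.$DOMAIN` is open to globbing and word splitting, and the inner `cp -r` copies the live directory onto itself. The fence shows the added `umask` line and a replacement for the final `mkdir`/`cat`/`cp` lines.
```shell
umask 077  # credentials file and any key copy are created owner-only
# … unchanged: local self-signed branch and certbot invocation …
live_dir="/etc/letsencrypt/live/${DOMAIN}"
sudo install -m 0644 -- "${live_dir}/fullchain.pem" "${live_dir}/cert.pem" /etc/nginx-ssl/
sudo install -m 0600 -- "${live_dir}/privkey.pem" /etc/nginx-ssl/
```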
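Review bot: The guard `[ ! -f /etc/nginx-ssl/cert.pem ]` in the three-line init script only tests that the file exists, so an expired or nearly expired certificate is never replaced. A validity check such as `if ! openssl x509 -checkend 2592000 -noout -in /etc/nginx-ssl/fullchain.pem; then` would also fail, and so trigger issuance, when the file is missing. `fullchain.pem` is the safer file to test because in the `local` branch of the certificate script `cert.pem` receives the output of `openssl req -new`, which is a signing request rather than a certificate. The certificate script skips certbot whenever `/etc/letsencrypt/live/$DOMAIN` already exists, so if that directory is persisted between runs a renewal path would be needed there as well.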