sangyun
/
docker-nginx-certbot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update readme

This commit is contained in:
sangyun 2024-01-17 20:15:15 +09:00
parent 83049e9590
commit c524e2e6b9
1 changed files with 26 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
README.md
View File

@ -11,31 +11,41 @@ docker run -d \
-v path:/etc/nginx/nginx.conf:ro \ -v path:/etc/nginx/nginx.conf:ro \
-v path:/etc/nginx/sites-enabled \ -v path:/etc/nginx/sites-enabled \
-v path:/var/www \ -v path:/var/www \
-e CLOUDFLARE_EMAIL="youremail" \
-e CLOUDFLARE_API_KEY="yourkey" \
-e DOMAIN="your.domain.com,*.domain.com"
--net host \ --net host \
--name nginx \ --name nginx \
--restart=always \ --restart=always \
nginx-certbot nginx-certbot
``` ```
## 인증서 발급 ## docker compose
```yml
services:
nginx:
build: .
environment:
DOMAIN: "domain.com,*.domain.com" # 등록할 도메인 주소
CLOUDFLARE_EMAIL: "your@email.com" # 클라우드플레어 이메일주소
CLOUDFLARE_API_KEY: "your-key" # 클라우드플레어 api 키
volumes:
- path:/etc/letsencrypt/ # certbot 이 생성한 키 보관위치
- path:/etc/nginx/conf.d # nginx conf.d 폴더
- path/nginx.conf:/etc/nginx/nginx.conf:ro # nginx.confg
- path:/etc/nginx/sites-enabled # nginx sites-enalbe 폴더
- path:path:/var/www # 기본 www 폴더
network_mode: host # 용도에 맞게 변환
```
## create certificate
```sh ```sh
# enter nginx bash shell
docker exec -it nginx bash docker exec -it nginx bash
# create cloudflare ini # excute shell script
echo dns_cloudflare_email=your@email.address > /etc/letsencrypt/cloudflare.ini ./ create-cert-cloudflare.sh
echo dns_cloudflare_api_key=your@key >> /etc/letsencrypt/cloudflare.ini
# set 600 permission
chmod 600 /etc/letsencrypt/cloudflare.ini
# create ssl certifications
certbot certonly \
--dns-cloudflare \
--dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini \
--email your@email.address\
--agree-tos \
--no-eff-email \
-d your.domain,*.your.domain
# reload nginx
nginx -s reload nginx -s reload
``` ```