Create a Docker Apache image with LetsEncrypt -


i have trouble docker , letsencrypt.

as far can understand, certbot (the bot install letsencrypt on apache or http server) checks if user owns domain associated certificate.

so in dockerfile, add following line :

run certbot --apache -n --agree-tos --email me@mail.com -d domain.tld

the trouble during domain check, certbot installs certificate on http server, , checks server exposes installed certificate resolving domain.

what mean, domain check can work if cerbot command run on online web server.

but apache server not launched during docker image build.

do have idea arround problem ? can execute command after container launched, install certificate in dockerfile.

thank you

you should remove certbot apache image , run letsencrypt in separate container blacklabelops/letsencrypt.

  1. create dummy certificate certbots testmode during image build
  2. start apache on target system
  3. start blacklabelops/letsencrypt in webroot mode, no port used , challenges exchanged apache webcontext.
  4. create real certificate , keep container running monthly updates

the letsencrypt container must started in webroot mode:

$ docker run -d \   -v letsencrypt_certificates:/etc/letsencrypt \   -v letsencrypt_challenges:/var/www/letsencrypt \   -e "letsencrypt_webroot_mode=true" \   -e "letsencrypt_email=dummy@example.com" \   -e "letsencrypt_domain1=example.com" \   --name letsencrypt \   blacklabelops/letsencrypt

note: here certs written docker volume letsencrypt_certificates webchallenges written letsencrypt_challenges

your apache must mount volume , publish challenges under webroot: /.well-known/acme-challenge/.

example, files under letsencrypt_challenges must reachable under: 

http(s)://yourdomain.com/.well-known/acme-challenge/

Comments

Post a Comment

Popular posts from this blog

What is happening when Matlab is starting a "parallel pool"? -

running parallel cpu processes in matlab starts command parpool() according documentation , function: [creates] special job on pool of workers, , [connects] matlab client parallel pool. this function takes bit of time execute, on order of 30 seconds. in other multi-cpu paradigms openmp, parallel execution seems totally transparent -- i've never noticed behavior analogous matlab (granted i'm not experienced parallel programming). so, happening between time parpool() called , when finishes executing? takes long? parallel computing toolbox enables run matlab code in parallel using several different paradigms (e.g. jobs , tasks, parfor , spmd , parfeval , batch processing), , run either locally (parallelised across cores in local machine) or remotely (parallelised across machines in cluster - either 1 own, or 1 in cloud). in of these cases, code run on matlab workers , copies of matlab without interactive desktop. if you're intending run on remo...
Read more

angular - DownloadURL return null in below code -

when change file updated in firebase storage when try downloadurl show null. filechange(event: any) { const imagefolder: string = this.employee.id; const filelist: filelist = event.target.files; const file: file = filelist[0]; const storageref = firebase.storage().ref().child(`${imagefolder}/profile.jpg`).put(file); console.log(storageref.snapshot.downloadurl); } the put() asynchronous. if want url after file uploaded have this: firebase.storage().ref().child(`${imagefolder}/profile.jpg`).put(file).then((snapshot) => { storageref = snapshot.downloadurl: console.log(snapshot.downloadurl); });
Read more

php - Cannot override Laravel Spark authentication with own implementation -

during login process of laravel spark need request token of remote api. api stores exact same users , passwords laravel spark application. therefore need username , non hashed password of user during authentication process. i thought overriding authenticated method solution problem. in routes/web.php override post /login endpoint , pointing endpoint own logincontroller: <?php namespace app\http\controllers\auth; use illuminate\support\facades\log; use illuminate\http\request; use laravel\spark\http\controllers\auth\logincontroller sparklogincontroller; class logincontroller extends sparklogincontroller { /** * create new login controller instance. * * @return void */ public function __construct() { parent::__construct(); } /** * handle successful authentication attempt. * * @param request $request * @param \illuminate\contracts\auth\authenticatable $user * @return response */ public fu...
Read more