☰

Updated haproxy-letsencrypt-docker.md

Dave committed 2019-05-13 03:39:12 +0000 commit 81f324880b184e83a8a571766be8c22e4c286fe7

				haproxy-letsencrypt-docker.md
			
          @@ -288,7 +288,7 @@ networks:

             haproxy:

           ```

           What doing?

          -* We're mounting the letsencrypt volume back up at /etc/letsencrypt .

          +* We're mounting the letsencrypt volume back up at /etc/letsencrypt so 'certbot --renew' can operate on the certs.

           * The docker socket from the host is mounted at /var/run/docker.sock. This lets us do docker operations from inside the container.

           * There's a small sleep to let haproxy start up (ewww, but also, whatever), then we attempt a renew and run the deploy-hook script (see stage 1) if anything changed.

           * The deploy-hook script concatenates the cert chain and key into an haproxy style .pem file, then sends a SIGHUP via the docker command to the haproxy container, telling it to re-read its config.

...	...	@@ -288,7 +288,7 @@ networks:
288	288	haproxy:
289	289	```
290	290	What doing?
291		-* We're mounting the letsencrypt volume back up at /etc/letsencrypt .
	291	+* We're mounting the letsencrypt volume back up at /etc/letsencrypt so 'certbot --renew' can operate on the certs.
292	292	* The docker socket from the host is mounted at /var/run/docker.sock. This lets us do docker operations from inside the container.
293	293	* There's a small sleep to let haproxy start up (ewww, but also, whatever), then we attempt a renew and run the deploy-hook script (see stage 1) if anything changed.
294	294	* The deploy-hook script concatenates the cert chain and key into an haproxy style .pem file, then sends a SIGHUP via the docker command to the haproxy container, telling it to re-read its config.