f671a4b80ff1f37959b4ca971b13a1b39d721507
haproxy-letsencrypt-docker.md
| ... | ... | @@ -27,7 +27,9 @@ Your docker host should have docker and docker-compose installed, and docker run |
| 27 | 27 | |
| 28 | 28 | # Stage 1 - get some certs |
| 29 | 29 | Since this is a greenfield setup, we can let certbot take care of the initial cert request on its own - HAProxy should be down for this. |
| 30 | -The `Dockerfile` for the letsencrypt image looks like: |
|
| 30 | + |
|
| 31 | +## Dockerfile |
|
| 32 | +The Dockerfile for the letsencrypt image looks like: |
|
| 31 | 33 | |
| 32 | 34 | ```dockerfile |
| 33 | 35 | FROM ubuntu:latest |
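Review bot: New line 32 drops the backticks that the removed line 30 had around `Dockerfile`, while the `deploy-hook` and `docker-compose-stage1.yml` sentences further down keep theirs; I'd keep it as "The `Dockerfile` for the letsencrypt image looks like:" so file names are marked up the same way throughout. Separately, since this section is being touched, the context line `FROM ubuntu:latest` is an unpinned base image, so a rebuild of the certbot image can silently pick up a different base; consider pinning a specific release tag or digest.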
| ... | ... | @@ -44,6 +46,7 @@ RUN chmod +x /deploy-hook |
| 44 | 46 | |
| 45 | 47 | Note we're installing the docker.io package, and copying in a script. We'll need them later on. |
| 46 | 48 | |
| 49 | +## deploy-hook |
|
| 47 | 50 | The `deploy-hook` script looks like: |
| 48 | 51 | |
| 49 | 52 | ```sh |
| ... | ... | @@ -55,6 +58,7 @@ cat /etc/letsencrypt/live/domain1.example.com/fullchain.pem \ |
| 55 | 58 | && docker kill -s HUP haproxy |
| 56 | 59 | ``` |
| 57 | 60 | |
| 61 | +## docker-compose-stage1.yml |
|
| 58 | 62 | To run the container, we'll wrap it up in a docker-compose file called `docker-compose-stage1.yml`. |
| 59 | 63 | |
| 60 | 64 | ```yaml |
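Review bot: The new `## docker-compose-stage1.yml` heading at line 61 comes right after a script ending in `&& docker kill -s HUP haproxy`, and nothing in the visible text explains what that command requires. A `docker` client inside the letsencrypt container only works if it can reach the host's Docker daemon, and that access lets the container control every other container on the host, so I'd add a sentence under this heading stating how the daemon is exposed to the container and that it is there solely so the hook can signal HAProxy.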
| ... | ... | @@ -92,7 +96,6 @@ Things of note: |
| 92 | 96 | 4. certbot names the certs for the first domain specified, so that ends up in all of the paths under /etc/letsencrypt. You might be able to change that, but see [rule 1](/rules#love-thy-defaults). |
| 93 | 97 | |
| 94 | 98 | ## Go! |
| 95 | - |
|
| 96 | 99 | With all three files in your current directory, run: `docker-compose -f docker-compose-stage1.yml up` and you should hopefully see a message like the following after a couple of seconds: |
| 97 | 100 | |
| 98 | 101 | ```text |