diff --git a/nginx/.env.example b/nginx/.env.example new file mode 100644 index 0000000..e69de29 diff --git a/nginx/README.md b/nginx/README.md new file mode 100644 index 0000000..e69de29 diff --git a/nginx/nginx/Dockerfile b/nginx/nginx/Dockerfile new file mode 100644 index 0000000..b70c34b --- /dev/null +++ b/nginx/nginx/Dockerfile @@ -0,0 +1,14 @@ +FROM nginx:stable-alpine + +RUN apk add --no-cache certbot + +COPY entrypoint.sh ./entrypoint.sh +RUN chmod +x ./entrypoint.sh + +RUN mkdir /var/lib/certbot +COPY renew /etc/periodic/weekly/renew +RUN chmod +x /etc/periodic/weekly/renew + +RUN /usr/sbin/crond -f -d 8 & + +ENTRYPOINT [ "./entrypoint.sh" ] diff --git a/nginx/nginx/entrypoint.sh b/nginx/nginx/entrypoint.sh new file mode 100644 index 0000000..9a2fb8f --- /dev/null +++ b/nginx/nginx/entrypoint.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env sh + +# Should be passed as env vars +# DOMAINS=suzy.roosens.me,next.roosens.me,tm.roosens.me +# EMAIL=roosensjef@gmail.com + +certbot certonly --standalone -d "$DOMAINS" --email "$EMAIL" -n --agree-tos --expand +/usr/sbin/nginx -g "daemon off;" diff --git a/nginx/nginx/renew b/nginx/nginx/renew new file mode 100644 index 0000000..98327d4 --- /dev/null +++ b/nginx/nginx/renew @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew --webroot --webroot-path /var/lib/certbot/ --post-hook "/usr/sbin/nginx -s reload"