Create and renew website certificates using the Let's Encrypt free certificate authority.

obviateio/docker-nginx-accessfabric-certbot

 
 

docker-nginx-accessfabric-certbot

Create and automatically renew website SSL certificates using the Let's Encrypt free certificate authority and its client, certbot. Built upon obviateio/docker-nginx-accessfabric for use with ScaleFT Access Fabric. For regular Nginx, see staticfloat/docker-nginx-certbot.

Usage

  • Log in to ScaleFT
  • Create a project
  • Go into that project and create an application
  • Verify your origin URL (ex: gitlab.ext.company.tld) is in DNS and externally resolvable
  • CNAME the custom hostname (ex: gitlab.company.tld) to the application URL (ex: random-words-1234.accessfabric.com)
  • mkdir ./letsencrypt/
  • mkdir ./conf.d/
  • Add a .conf such as (ex: ./conf.d/gitlab.conf):
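server {
    # Require an Access Fabric token issued for this application
    auth_accessfabric   on;
    auth_accessfabric_audience "https://random-words-1234.accessfabric.com";
    listen              443 ssl;
    # Origin hostname, custom hostname and Access Fabric application hostname
    server_name         gitlab.ext.company.tld gitlab.company.tld random-words-1234.accessfabric.com;
    # Certificate and key are issued by certbot for the origin hostname
    ssl_certificate     /etc/letsencrypt/live/gitlab.ext.company.tld/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/gitlab.ext.company.tld/privkey.pem;

    location / {
        # Internal service published through Access Fabric
        proxy_pass http://gitlabinstance.company.int:80;
    }
}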
  • Run docker container:
docker run --name=nginx \
 -e [email protected] \
 -v /home/myuser/conf.d/:/etc/nginx/conf.d/ \
 -v /home/myuser/letsencrypt/:/etc/letsencrypt/ \
 -p 80:80 -p 443:443 \
 --restart=always \
 -d shakataganai/nginx-accessfabric-certbot:latest

When the container first starts, if the keys are not detected it will turn the .conf off. Once certbot acquires a certificate, the .conf will be turned back on and nginx reloaded. If there are issues, run docker logs nginx. Accessing gitlab.ext.company.tld should result in a 401 Access Denied. Accessing gitlab.company.tld should result in a functional Access Fabric login process and your end service.
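The startup behaviour above depends on whether the files named in each .conf exist. As an added example (not the image's own script), this preflight reports which configs would still be waiting on a certificate; the `exposed` state, a private key readable by group or other, goes beyond what this README describes. The function names are hypothetical, and the script must run where the paths in the .conf resolve, such as inside the container.

```shell
#!/bin/sh
# Added example, not the image's own script: preflight check for ./conf.d/.
# Assumes certificate paths contain no whitespace.

# Print the paths named by directive $1 in nginx config $2, one per line.
# Commented-out directives are skipped: the match is anchored to line start.
directive_paths() {
    sed -n -E "s/^[[:space:]]*$1[[:space:]]+([^;[:space:]]+)[[:space:]]*;.*\$/\\1/p" "$2"
}

# Classify one config: "waiting" if a referenced certificate or key file is
# missing, "exposed" if a key is readable by group or other, else "ready".
conf_state() {
    for p in $(directive_paths ssl_certificate "$1") \
             $(directive_paths ssl_certificate_key "$1"); do
        [ -f "$p" ] || { echo waiting; return; }
    done
    for k in $(directive_paths ssl_certificate_key "$1"); do
        # -L follows the live/ -> archive/ symlink that certbot creates.
        if [ -n "$(find -L "$k" -prune \( -perm -040 -o -perm -004 \))" ]; then
            echo exposed; return
        fi
    done
    echo ready
}

# Print "<state> <file>" for every .conf in directory $1.
preflight() {
    for conf in "$1"/*.conf; do
        [ -e "$conf" ] || continue
        echo "$(conf_state "$conf") $conf"
    done
}

# Usage: sh preflight.sh /etc/nginx/conf.d
# With no argument, runs against a constructed sample whose files are missing.
if [ $# -gt 0 ]; then
    preflight "$1"
else
    d=$(mktemp -d)
    printf 'server {\n ssl_certificate %s/fullchain.pem;\n ssl_certificate_key %s/privkey.pem;\n}\n' \
        "$d" "$d" > "$d/sample.conf"
    preflight "$d"
    rm -rf "$d"
fi
```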
