This repository has been archived by the owner on May 9, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Vít Kutný edited this page Nov 12, 2017
·
7 revisions
Welcome to the vitkutny.cz wiki!
docker network create nginx-proxy
~$ cat docker-compose.yml
version: '3'
services:
nginx-proxy:
image: jwilder/nginx-proxy
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
#vhost conf
- /home/vitkutny/vhost.d:/etc/nginx/vhost.d
#vitkutny.cz
- /etc/letsencrypt/live/vitkutny.cz/privkey.pem:/etc/nginx/certs/vitkutny.cz.key
- /etc/letsencrypt/live/vitkutny.cz/fullchain.pem:/etc/nginx/certs/vitkutny.cz.crt
#kutny.cz
- /etc/letsencrypt/live/vitkutny.cz/privkey.pem:/etc/nginx/certs/kutny.cz.key
- /etc/letsencrypt/live/vitkutny.cz/fullchain.pem:/etc/nginx/certs/kutny.cz.crt
restart: always
networks:
default:
external:
name: nginx-proxy
~$ cat vhost.d/www.vitkutny.cz
return 301 https://vitkutny.cz$request_uri;
~$ cat vhost.d/kutny.cz
return 301 https://vitkutny.cz$request_uri;
~$ cat vhost.d/www.kutny.cz
return 301 https://vitkutny.cz$request_uri;
~$ crontab -l
0 0 * * * sudo docker-compose down && sudo certbot renew && sudo docker-compose up -d
~$ cat /etc/sudoers.d/certbot
Cmnd_Alias CERTBOT = /usr/bin/certbot *
%sudo ALL=(root) NOPASSWD: CERTBOT
~$ cat /etc/sudoers.d/docker-compose
Cmnd_Alias DOCKER_COMPOSE = /usr/local/bin/docker-compose *
%sudo ALL=(root) NOPASSWD: DOCKER_COMPOSE