fossilfranv/nginx_docker-swag
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cleanup

Browse Source
This commit is contained in:
ahgraber 2021-02-27 19:16:29 -05:00
parent 1c2e4ede10
commit 8d1bf4f3e6
3 changed files with 32 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -6,7 +6,7 @@ ARG TARGETARCH
ARG BUILD_DATE ARG BUILD_DATE
LABEL build_version="${TARGETPLATFORM} - ${BUILD_DATE}" LABEL build_version="${TARGETPLATFORM} - ${BUILD_DATE}"
MAINTAINER ninerealmlabs <ahgraber@ninerealmlabs.com> LABEL maintainer="ninerealmlabs <ahgraber@ninerealmlabs.com>"
ENV ONLY_SUBDOMAINS=false ENV ONLY_SUBDOMAINS=false
ENV PROPAGATION=60 ENV PROPAGATION=60

18
README.md
View File

@ -8,7 +8,7 @@ Further, in order to simplify the image, only Cloudflare DNS is currently implem
The project is built with Docker Buildx to support multiple architectures such as `amd64` and `arm64`. The project is built with Docker Buildx to support multiple architectures such as `amd64` and `arm64`.
Simply pulling `ahgraber/certbot_only` should retrieve the correct image for your arch, but you can also pull specific arch images via tags. Simply pulling `ninerealmlabs/certbot_only` should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
The architectures supported by this image are: The architectures supported by this image are:
@ -30,8 +30,8 @@ Compatible with docker-compose v3 schemas.
--- ---
version: "3.7" version: "3.7"
services: services:
swag: certbot:
image: ahgraber/certbot_only:latest image: ninerealmlabs/certbot_only:latest
container_name: certbot container_name: certbot
environment: environment:
- TZ=Europe/London - TZ=Europe/London
@ -104,7 +104,7 @@ The recommended configurations create local folders `/config` and `/letsencrypt`
* This container includes auto-generated pfx and private-fullchain-bundle pem certs that are needed by other apps like Emby and Znc, and tls.crt and tls.key certs that are needed by apps like Keycloak. * This container includes auto-generated pfx and private-fullchain-bundle pem certs that are needed by other apps like Emby and Znc, and tls.crt and tls.key certs that are needed by apps like Keycloak.
* To use these certs in other containers, do either of the following: * To use these certs in other containers, do either of the following:
1. *(Easier)* Mount the container's config folder in other containers (ie. `-v /path-to-le-config:/le-ssl`) and in the other containers, use the cert location `/le-ssl/keys/letsencrypt/` 1. *(Easier)* Mount the container's config folder in other containers (ie. `-v /path-to-le-config:/le-ssl`) and in the other containers, use the cert location `/le-ssl/keys/letsencrypt/`
2. *(More secure)* Mount the cert folder `/letsencrypt` (ie. `-v /path/to/letsencrypt:/le-ssl`) and in the other containers, use the cert location `/le-ssl/letsencrypt/live/<your.domain.url>/` (This is more secure because the first method shares the entire SWAG config folder with other containers, including the www files, whereas the second method only shares the ssl certs) 2. *(More secure)* Mount the cert folder `/letsencrypt` (ie. `-v /path/to/letsencrypt:/le-ssl`) and in the other containers, use the cert location `/le-ssl/letsencrypt/live/<your.domain.url>/` (This is more secure because the first method shares the entire certbot config folder with other containers, including the www files, whereas the second method only shares the ssl certs)
* These certs include: * These certs include:
1. `cert.pem`, `chain.pem`, `fullchain.pem` and `privkey.pem`, which are generated by Certbot and used by nginx and various other apps 1. `cert.pem`, `chain.pem`, `fullchain.pem` and `privkey.pem`, which are generated by Certbot and used by nginx and various other apps
2. `privkey.pfx`, a format supported by Microsoft and commonly used by dotnet apps such as Emby Server (no password) 2. `privkey.pfx`, a format supported by Microsoft and commonly used by dotnet apps such as Emby Server (no password)
@ -118,7 +118,7 @@ The recommended configurations create local folders `/config` and `/letsencrypt`
* container version number * container version number
* `docker inspect -f '{{ index .Config.Labels "build_version" }}' certbot_only` * `docker inspect -f '{{ index .Config.Labels "build_version" }}' certbot_only`
* image version number * image version number
* `docker inspect -f '{{ index .Config.Labels "build_version" }}' ahgraber/certbot_only` * `docker inspect -f '{{ index .Config.Labels "build_version" }}' ninerealmlabs/certbot_only`
## Updating Info ## Updating Info
@ -128,11 +128,11 @@ Below are the instructions for updating containers:
* Update all images: `docker-compose pull` * Update all images: `docker-compose pull`
* or update a single image: `docker-compose pull certbot_only` * or update a single image: `docker-compose pull certbot_only`
* Let compose update all containers as necessary: `docker-compose up -d` * Let compose update all containers as necessary: `docker-compose up -d`
* or update a single container: `docker-compose up -d swag` * or update a single container: `docker-compose up -d certbot_only`
* You can also remove the old dangling images: `docker image prune` * You can also remove the old dangling images: `docker image prune`
### Via Docker Run ### Via Docker Run
* Update the image: `docker pull ahgraber/certbot_only` * Update the image: `docker pull ninerealmlabs/certbot_only`
* Stop the running container: `docker stop certbot_only` * Stop the running container: `docker stop certbot_only`
* Delete the container: `docker rm certbot_only` * Delete the container: `docker rm certbot_only`
* Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved) * Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved)
@ -144,14 +144,14 @@ If you want to make local modifications to these images for development purposes
With Docker Compose for single testing: With Docker Compose for single testing:
``` ```
git clone https://github.com/ahgraber/docker-certbot-only.git git clone https://github.com/ninerealmlabs/docker-certbot-only.git
cd docker-certbot_only cd docker-certbot_only
docker-compose build docker-compose build
``` ```
With [Docker buildx](https://docs.docker.com/buildx/working-with-buildx/) for multiarch support: With [Docker buildx](https://docs.docker.com/buildx/working-with-buildx/) for multiarch support:
``` ```
git clone https://github.com/ahgraber/docker-certbot-only.git git clone https://github.com/ninerealmlabs/docker-certbot-only.git
cd docker-certbot_only cd docker-certbot_only
bash ./scripts/buildx.sh --tag {REPOSITORY}/certbot_only:{TAG} bash ./scripts/buildx.sh --tag {REPOSITORY}/certbot_only:{TAG}
``` ```

36
scripts/install-s6.sh
View File

@ -25,20 +25,28 @@ esac
echo -e "Downloading S6-overlay ${S6_OVERLAY_VERSION} for ${TARGETPLATFORM} (${S6_ARCH})" echo -e "Downloading S6-overlay ${S6_OVERLAY_VERSION} for ${TARGETPLATFORM} (${S6_ARCH})"
if [ S6_OVERLAY_VERSION="latest" ]; then
S6_URL="https://github.com/just-containers/s6-overlay/releases/latest/download/s6-overlay-${S6_ARCH}.tar.gz"
else
S6_URL="https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.gz"
fi
# curl -L -o "/tmp/s6-overlay-${S6_ARCH}.tar.gz" "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.gz" \ # ## Download and install tarball
curl -L -o "/tmp/s6-overlay-${S6_ARCH}.tar.gz" "${S6_URL}" \ # if [ S6_OVERLAY_VERSION="latest" ]; then
&& sleep 1 \ # S6_URL="https://github.com/just-containers/s6-overlay/releases/latest/download/s6-overlay-${S6_ARCH}.tar.gz"
&& tar xvzf "/tmp/s6-overlay-${S6_ARCH}.tar.gz" -C / --exclude="./bin" \ # else
&& tar xvzf "/tmp/s6-overlay-${S6_ARCH}.tar.gz" -C /usr ./bin \ # S6_URL="https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.gz"
&& echo -e "S6-overlay install complete." # fi
# curl -L -o "/tmp/s6-overlay-installer" "${S6_URL}" \ # # curl -L -o "/tmp/s6-overlay-${S6_ARCH}.tar.gz" "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.gz" \
# && chmod +x "/tmp/s6-overlay-installer" \ # curl -L -o "/tmp/s6-overlay-${S6_ARCH}.tar.gz" "${S6_URL}" \
# && bash "/tmp/s6-overlay-installer" \ # && sleep 1 \
# && tar xvzf "/tmp/s6-overlay-${S6_ARCH}.tar.gz" -C / --exclude="./bin" \
# && tar xvzf "/tmp/s6-overlay-${S6_ARCH}.tar.gz" -C /usr ./bin \
# && echo -e "S6-overlay install complete." # && echo -e "S6-overlay install complete."
## Download and run installer binary
if [ S6_OVERLAY_VERSION="latest" ]; then
S6_URL="https://github.com/just-containers/s6-overlay/releases/latest/download/s6-overlay-${S6_ARCH}-installer"
else
S6_URL="https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}-installer"
fi
curl -L -o "/tmp/s6-overlay-installer" "${S6_URL}" \
&& chmod +x /tmp/s6-overlay-installer \
&& /tmp/s6-overlay-installer / \
&& echo -e "S6-overlay install complete."