Very small and easy useable docker container with Nginx web-server and "Let's Encrypt" client - ACME.sh.
After the initial issue of the certificate, its updating is automated by cron in container!
- 1.12-alpine or latest (1.12-alpine/Dockerfile)
- 1.12-debian (1.12-debian/Dockerfile)
- 1.13-alpine (1.13-alpine/Dockerfile)
- 1.13-debian (1.13-debian/Dockerfile)
Old releases:
- 1.10-alpine (1.10-alpine/Dockerfile)
- 1.10-debian (1.10-debian/Dockerfile)
- 1.11-alpine (1.11-alpine/Dockerfile)
- 1.11-debian (1.11-debian/Dockerfile)
-
Create directories for docker container volumes:
mkdir -p /var/docker/nginx/ssl /var/docker/nginx/conf.d
-
Generate a DH Parameter (Key) File (recommended 2048 bits):
openssl dhparam -out /var/docker/nginx/ssl/dhparam.pem 2048
-
Create configs for Nginx in /var/docker/nginx: See the simple examples in GitHub Repository and Mozilla SSL Configuration Generator.
-
Create user-defined network:
sudo docker network create nginx
-
Create docker container:
sudo docker run \ --name nginx \ --hostname nginx \ --network nginx \ -p 80:80 \ -p 443:443 \ -e ACCOUNT_CONF_PATH=/etc/nginx/ssl/acme.sh.conf \ -v /etc/timezone:/etc/timezone:ro -v /etc/localtime:/etc/localtime:ro \ -v /var/docker/nginx/nginx.conf:/etc/nginx/nginx.conf:ro \ -v /var/docker/nginx/conf.d:/etc/nginx/conf.d:ro \ -v /var/docker/nginx/ssl:/etc/nginx/ssl:rw \ -v /var/docker/nginx/logs:/var/log/nginx:rw \ -v /var/docker/nginx/www:/var/www:rw \ -d --restart always \ magnaz/nginx-acme:1.12-alpine
-
Initial issue "Let's Encrypt" certificate:
sudo docker exec nginx \ acme.sh --issue \ -w /var/www/example.com \ -d example.com -d www.example.com