Created
January 2, 2020 00:48
-
-
Save williamhaley/d88526f23d91c0fbf0e75706c86cba1c to your computer and use it in GitHub Desktop.
Generate LetsEncrypt cert and deploy nginx from docker with HTTP basic auth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -x | |
| email='[email protected]' | |
| domain='whatever.wherever.com' | |
| username='admin' | |
| password='password' | |
| # Copy this inside the container. Let's Encrypt is going to modify it automatically. | |
| # Better to let that change be ephemeral and not alter source config file. | |
| cp /temporary/my.nginx.prod.conf /etc/nginx/conf.d/default.conf | |
| # Run nginx in the background so that certbot can use it to validate the request | |
| nginx | |
| while ! pidof nginx; | |
| do | |
| echo "waiting for nginx to start..." | |
| sleep 1 | |
| done | |
| # Request a certificate from LetsEncrypt | |
| certbot \ | |
| --nginx \ | |
| --non-interactive \ | |
| --redirect \ | |
| -d ${domain} \ | |
| --email ${email} \ | |
| --agree-tos | |
| killall -9 nginx | |
| while pidof nginx; | |
| do | |
| echo "waiting for nginx to stop..." | |
| sleep 1 | |
| done | |
| # Password protect with basic http auth | |
| mkdir -p /etc/apache2 | |
| printf "${username}:$(openssl passwd -crypt ${password})\n" > /etc/apache2/.htpasswd | |
| # Run nginx in the foreground now that HTTPS certs are configured | |
| nginx -g 'daemon off;' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment