The Neon Goalie introduced me to Let's Encrypt. Very quick, easy and free way of creating SSL certificates.
I needed to create an SSL cert for this site. I use a nginx docker container behind nginx-proxy. As I'm getting ready to configure Let's Encrypt's shellcode to generate my ssl and setup the nginx-proxy to everything it needs. There's a new compainion container that works with nginx-proxy letsencrypt-nginx-proxy-companion.
I use puppet and docker puppet module module to configure containers that run here.
---
classes:
- docker
- docker::run_instance
docker::run_instance::instance:
nginx_proxy:
image: jwilder/nginx-proxy
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /etc/nginx/vhost.d
- /usr/share/nginx/html
- /srv/letsencrypt:/etc/nginx/certs:ro
lets_encrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
volumes_from: nginx-proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /srv/letsencrypt:/etc/nginx/certs:rw
depends:
- nginx_proxy
after:
- nginx_proxy
static_web:
image: nginx:alpine
env:
- NGINX_HOST=www.terzo.org
- NGINX_PORT=80
- VIRTUAL_HOST=terzo.org,www.terzo.org
- LETSENCRYPT_HOST=terzo.org,www.terzo.org
- LETSENCRYPT_EMAIL=mike@terzo.org
volumes:
- /srv/gitlab/www:/usr/share/nginx/html
expose:
- 80
after:
- lets_encrypt
depends:
- lets_encrypt