Set up Let's Encrypt with Laradock

  1. in docker-compose.yml, set $CN and $EMAIL in the certbot service to your own values:
certbot:
  build:
    context: ./certbot
  volumes:
    - ./data/certbot/certs/:/var/certs
    - ./certbot/letsencrypt/:/var/www/letsencrypt
  environment:
    - CN=fake.domain.com
    - EMAIL=<your-email-address>
  networks:
    - frontend
  1. in docker-compose.yml, add the volumes used by certbot to the nginx service:
nginx:
  volumes:
    - ./data/certbot/certs/:/var/certs
    - ./certbot/letsencrypt/:/var/www/letsencrypt
  1. Make sure port 443 is disabled in your laradock/nginx/sites/xxx.conf
# For https
# listen 443 ssl;
# listen [::]:443 ssl ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
  1. stop nginx container

docker-compose stop nginx

  1. rebuild nginx container with --no-cache option

docker-compose build --no-cache nginx

  1. build certbot container

docker-compose build --no-cache certbot

  1. start nginx container

docker-compose up -d nginx

  1. now install the certificates with certbot

docker-compose up -d certbot

  1. reactivate port 443 and set the correct certificate paths in laradock/nginx/sites/xxx.conf
# For https
listen 443 ssl;
listen [::]:443 ssl ipv6only=on;
ssl_certificate /var/certs/xxx-cert1.pem;
ssl_certificate_key /var/certs/xxx-privkey1.pem;

The certificate directory in these paths (/var/certs here) must match the container side of the certs volume set in the nginx section of docker-compose.yml.
Replace xxx with the CN set in the certbot section of docker-compose.yml.

  1. finally stop and rebuild nginx with --no-cache option:
docker-compose stop nginx
docker-compose build --no-cache nginx
docker-compose up -d nginx
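
Before the final rebuild, it helps to confirm that the paths re-enabled in the site config actually resolve to files certbot wrote, and that the private key is not readable by other users on the host. The following pre-flight check is an added example, not part of Laradock or the original post; the function names are hypothetical, and it assumes /var/certs in the container maps to ./data/certbot/certs on the host, as in the volumes above.

```shell
#!/bin/sh
# Added example (not Laradock code). Checks the nginx site config against the
# host directory that docker-compose mounts at /var/certs.

# Print the path given to an uncommented nginx directive ($1) in conf file ($2).
directive_path() {
    awk -v d="$1" '$1 == d { sub(/;$/, "", $2); print $2; exit }' "$2"
}

# Translate a container path under /var/certs into the host directory ($2).
# Assumption: the volume mapping shown in docker-compose.yml above.
host_path() {
    case "$1" in
        /var/certs/*) printf '%s/%s\n' "$2" "${1#/var/certs/}" ;;
        *) return 1 ;;
    esac
}

# Usage: check_tls_paths SITE_CONF HOST_CERT_DIR
# Returns 0 if both files are in place and the key is owner-only,
# 1 if a directive or file is missing, 2 if the key mode is too open.
check_tls_paths() {
    conf=$1
    host_dir=$2
    for d in ssl_certificate ssl_certificate_key; do
        p=$(directive_path "$d" "$conf")
        [ -n "$p" ] || { echo "$d: not set (still commented out?)" >&2; return 1; }
        f=$(host_path "$p" "$host_dir") || { echo "$d: $p is outside /var/certs" >&2; return 1; }
        [ -s "$f" ] || { echo "$d: $f is missing or empty" >&2; return 1; }
    done
    # $f now holds the key file. Characters 5-10 of the ls -l mode string are
    # the group and other permission bits; all must be "-".
    mode=$(ls -lLd "$f" | cut -c5-10)
    [ "$mode" = "------" ] || { echo "key $f is accessible to group/others" >&2; return 2; }
    return 0
}
```

Source the file and run `check_tls_paths nginx/sites/xxx.conf data/certbot/certs` from the laradock directory; a return code of 2 means the key file's permissions should be tightened (for example to 600) before nginx is brought back up.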
