add test certbot

2026-06-28 01:58:34 +00:00 · 2023-09-11 01:38:50 +00:00
parent 3e5efaf711
commit 4943dbb1f0
6 changed files with 37 additions and 9 deletions
@@ -0,0 +1 @@
+letsencrypt
@@ -1,18 +1,19 @@
 FROM ubuntu:22.04

+# install dependencies
 RUN apt-get update && apt-get upgrade
-RUN apt-get install -y git nginx
+RUN apt-get install -y nginx certbot python3-certbot-nginx

 RUN rm /etc/nginx/sites-enabled/default
-RUN ln -sf /dev/stdout /var/log/nginx/access.log
-RUN ln -sf /dev/stderr /var/log/nginx/error.log

+# enable matthewtran.com
 COPY matthewtran.com /etc/nginx/sites-available
 RUN  ln -s /etc/nginx/sites-available/matthewtran.com /etc/nginx/sites-enabled/matthewtran.com
 COPY html /var/www/matthewtran.com/html

+# TODO gitea
+# disable registration!
+
+# start script
 WORKDIR /root
 COPY entry.sh ./
-
-# TODO gitea
-# TODO disable registration except admin
@@ -1,3 +1,24 @@
 #!/bin/sh

-nginx -g 'daemon off;'
+nginx
+while [ ! -f /var/run/nginx.pid ]
+do
+    sleep 1
+done
+
+# server needs to be up to grab certificates
+certbot --nginx \
+    --test-cert \
+    --webroot-path /var/www/matthewtran.com \
+    --non-interactive --agree-tos -m matthewlamtran@berkeley.edu \
+    -d matthewtran.com \
+    -d www.matthewtran.com
+
+nginx -s reload
+
+# try renew once a day
+while true
+do
+    certbot renew --quiet
+    sleep 86400
+done