반응형
SSL 인증서 발급
config/certbot.yml
server {
listen 80;
server_name my.demo.com;
location /.well-known/acme-challenge/ {
allow all;
root /var/www/html;
}
}docker-compose-certbot-new.yml
version: "3.3"
services:
nginx:
image: nginx:1.17.9
ports:
- "80:80"
volumes:
- ./certbot/letsencrypt:/etc/letsencrypt
- ./certbot/static:/var/www/html
- ./config/certbot.conf:/etc/nginx/conf.d/certbot.conf
certbot:
image: certbot/certbot
volumes:
- ./certbot/letsencrypt:/etc/letsencrypt
- ./certbot/static:/var/www/html
command: certonly --webroot --webroot-path=/var/www/html --non-interactive --agree-tos -m my-demo@gmail.com -d my.demo.com
depends_on:
- nginx인증서 발급
docker-compose -f docker-compose-certbot-new.yml up인증서 발급 확인
sudo su$ ls certbot/letsencrypt/live/my.demo.com
cert.pem chain.pem fullchain.pem privkey.pem READMESSL 설정
config/nginx.conf
server {
listen 80;
server_name my.demo.com;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name my.demo.com;
ssl_certificate /etc/letsencrypt/live/my.demo.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my.demo.com/privkey.pem;
location / {
root /deploy;
index index.html index.htm;
}
}docker-compose.yml
version: "3.3"
services:
nginx:
image: nginx:1.17.9
environment:
TZ: "Asia/Seoul"
ports:
- "80:80"
- "443:443"
volumes:
- ./certbot/letsencrypt:/etc/letsencrypt
- ./config/nginx.conf:/etc/nginx/conf.d/nginx.conf
- ./deploy:/deploy실행
docker-compose up -dhttps 접속 확인
curl https://my.demo.comSSL 인증서 갱신
docker-compose-certbot-renew.yml
version: "3.3"
services:
certbot:
image: certbot/certbot
volumes:
- ./certbot/letsencrypt:/etc/letsencrypt
command: renew인증서 갱신
docker-compose -f docker-compose-certbot-renew.yml up
반응형
'Development > Nginx' 카테고리의 다른 글
| [Nginx] Echo Module 사용하기 (0) | 2019.09.07 |
|---|---|
| [Nginx] 설정 (0) | 2019.07.06 |
| [Nginx] 설치 (0) | 2019.07.04 |