kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-07-02 23:22:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/nginx-docker-cert-deploy/README.md

67 lines
2.5 KiB
Markdown
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Nginx Docker Cert Deploy Role
🎉 **Author**: [Kevin Veen-Birkenbach](https://www.veen.world)
This Ansible role simplifies the deployment of **Let's Encrypt certificates** into **Docker Compose** setups with Nginx. It supports both **individual certificates per subdomain** and a **single wildcard certificate** for all subdomains.
---
## 🚀 **Features**
- Automatically deploys **Let's Encrypt certificates** to Docker Compose setups.
- Supports both **single-domain certificates** and **one wildcard certificate** for all subdomains.
- **Copies certificates** to the target directory inside the container.
- Automatically **reloads or restarts Nginx services** when certificates are updated.
- **Configures and manages a `systemd` service** for automated certificate deployment.
- **Includes a `systemd` timer** for scheduled renewals.
- **Handles dependent services** like `systemd-notifier`.
---
## 🔧 **Tasks Overview**
### **1⃣ Main Tasks**
1. **Add Deployment Script**
- Copies `nginx-docker-cert-deploy.sh` to the administrator scripts directory.
2. **Create Certificate Directory**
- Ensures `cert_mount_directory` exists with proper permissions.
3. **Configure `systemd` Service**
- Deploys a `systemd` service file for the deployment process.
4. **Include `systemd-timer` Role**
- Schedules automatic certificate deployment using a `systemd` timer.
### **2⃣ Handlers**
- **Restart Nginx Service**
- Restarts `nginx-docker-cert-deploy` whenever a certificate update occurs.
---
## **🔧 Deploying Certificates into Docker Containers**
The role **automates copying certificates** into Docker Compose setups.
### **1⃣ Deployment Script (`nginx-docker-cert-deploy.sh`)**
This script:
- **Copies certificates** to the correct container directory.
- **Reloads Nginx** inside all running containers.
- **Restarts containers if needed**.
**Usage:**
```sh
sh nginx-docker-cert-deploy.sh primary_domain /path/to/docker/compose
```
---
## 🎯 **Summary**
| Feature | Description |
|---------|------------|
| **Single-domain & wildcard support** | Use individual certs or a wildcard certificate |
| **Automated renewal** | Cronjob or systemd timer ensures auto-renewals |
| **Docker-ready** | Deploys certificates directly into Docker containers |
| **Supports Nginx & Mailu** | Compatible with multiple services |
| **Systemd integration** | Automates deployment via `systemd` |
🚀 **Now your Nginx setup is fully automated and secured with Let's Encrypt!** 🎉
```
Reference in New Issue View Git Blame Copy Permalink