- Switch Certbot to dns-cloudflare plugin - Remove individual service certificates - Update Nginx to use single wildcard cert - Fix macOS Docker file caching issue by renaming cert files - Ignore cloudflare.ini and ssl-certs in git
# Compose definition for a long-running Certbot container that renews
# certificates through the Cloudflare DNS plugin and then reloads the Nginx
# container named home-service-proxy-ssl.
version: '3.8'

services:
  certbot:
    # No tag is given, so this resolves to the default (latest) tag and the
    # image can change between pulls. Pin a reviewed release, e.g.
    # certbot/dns-cloudflare:<VERSION> or an image digest.
    image: certbot/dns-cloudflare
    container_name: home-service-certbot-daemon
    restart: unless-stopped
    volumes:
      # Certbot state, including issued certificates and their private keys.
      # Keep the host directory readable only by the accounts that need it.
      - ./ssl-certs:/etc/letsencrypt
      # NOTE(review): the renew command below validates over DNS, so this
      # webroot mount looks unused here; confirm nothing else relies on it
      # before removing.
      - ./certbot-webroot:/var/www/certbot
      # Cloudflare API credentials read by --dns-cloudflare-credentials.
      # Mounted read-only. Keep the file out of version control, restrict it
      # to mode 600 on the host, and prefer an API token scoped to DNS edits
      # on the one zone over a global API key.
      - ./cloudflare.ini:/secrets/cloudflare.ini:ro
      # Grants this container full control of the host Docker daemon, which
      # is effectively root on the host. It is mounted only so the post-hook
      # below can run `docker exec` against the proxy container. Appending
      # :ro would not limit API calls made through the socket. Consider a
      # socket proxy that allows only the exec endpoints, or let the Nginx
      # container reload itself so this mount can be dropped.
      - /var/run/docker.sock:/var/run/docker.sock
    # Check for renewal every 12 hours, using DNS validation.
    # - docker-cli is installed with apk on every container start; this needs
    #   network access and the package version is not pinned. Baking it into
    #   a derived image would make the container reproducible.
    # - `trap exit TERM` together with `sleep 12h & wait` lets the loop stop
    #   promptly when the container receives SIGTERM.
    # - `$${!}` is Compose escaping for a literal `${!}`, the PID of the
    #   background sleep.
    # - --post-hook runs after a renewal attempt and reloads Nginx in
    #   home-service-proxy-ssl; --deploy-hook would reload only after a
    #   successful renewal.
    entrypoint: >
      /bin/sh -c ' apk add --no-cache docker-cli && trap exit TERM; while :; do
      certbot renew --dns-cloudflare --dns-cloudflare-credentials /secrets/cloudflare.ini --post-hook "docker exec home-service-proxy-ssl nginx -s reload";
      sleep 12h & wait $${!};
      done;'