web: use certbot-auto
This commit is contained in:
parent
b95c95de0e
commit
b039b29b7a
|
@ -1,12 +1,13 @@
|
||||||
ARG JITSI_REPO=jitsi
|
ARG JITSI_REPO=jitsi
|
||||||
FROM ${JITSI_REPO}/base
|
FROM ${JITSI_REPO}/base
|
||||||
|
|
||||||
|
ADD https://dl.eff.org/certbot-auto /usr/local/bin/
|
||||||
|
|
||||||
COPY rootfs/ /
|
COPY rootfs/ /
|
||||||
|
|
||||||
RUN \
|
RUN \
|
||||||
apt-dpkg-wrap apt-get update && \
|
apt-dpkg-wrap apt-get update && \
|
||||||
apt-dpkg-wrap apt-get install -y cron nginx-extras jitsi-meet-web && \
|
apt-dpkg-wrap apt-get install -y cron nginx-extras jitsi-meet-web && \
|
||||||
apt-dpkg-wrap apt-get install -y -t stretch-backports certbot && \
|
|
||||||
apt-dpkg-wrap apt-get -d install -y jitsi-meet-web-config && \
|
apt-dpkg-wrap apt-get -d install -y jitsi-meet-web-config && \
|
||||||
dpkg -x /var/cache/apt/archives/jitsi-meet-web-config*.deb /tmp/pkg && \
|
dpkg -x /var/cache/apt/archives/jitsi-meet-web-config*.deb /tmp/pkg && \
|
||||||
mv /tmp/pkg/usr/share/jitsi-meet-web-config/config.js /defaults && \
|
mv /tmp/pkg/usr/share/jitsi-meet-web-config/config.js /defaults && \
|
||||||
|
@ -15,6 +16,10 @@ RUN \
|
||||||
rm -f /etc/nginx/conf.d/default.conf && \
|
rm -f /etc/nginx/conf.d/default.conf && \
|
||||||
rm -rf /tmp/pkg /var/cache/apt
|
rm -rf /tmp/pkg /var/cache/apt
|
||||||
|
|
||||||
|
RUN \
|
||||||
|
chmod a+x /usr/local/bin/certbot-auto && \
|
||||||
|
certbot-auto --noninteractive --install-only
|
||||||
|
|
||||||
EXPOSE 80 443
|
EXPOSE 80 443
|
||||||
|
|
||||||
VOLUME ["/config", "/etc/letsencrypt", "/usr/share/jitsi-meet/transcripts"]
|
VOLUME ["/config", "/etc/letsencrypt", "/usr/share/jitsi-meet/transcripts"]
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
s6-svc -d /var/run/s6/services/nginx
|
s6-svc -d /var/run/s6/services/nginx
|
||||||
|
|
||||||
# renew cert
|
# renew cert
|
||||||
certbot -n renew >> /config/le-renew.log
|
certbot-auto --no-self-upgrade -n renew >> /config/le-renew.log
|
||||||
|
|
||||||
# start nginx
|
# start nginx
|
||||||
s6-svc -u /var/run/s6/services/nginx
|
s6-svc -u /var/run/s6/services/nginx
|
||||||
|
|
|
@ -11,7 +11,9 @@ mkdir -p \
|
||||||
if [[ $DISABLE_HTTPS -ne 1 ]]; then
|
if [[ $DISABLE_HTTPS -ne 1 ]]; then
|
||||||
if [[ $ENABLE_LETSENCRYPT -eq 1 ]]; then
|
if [[ $ENABLE_LETSENCRYPT -eq 1 ]]; then
|
||||||
if [[ ! -f /etc/letsencrypt/live/$LETSENCRYPT_DOMAIN/fullchain.pem ]]; then
|
if [[ ! -f /etc/letsencrypt/live/$LETSENCRYPT_DOMAIN/fullchain.pem ]]; then
|
||||||
if ! certbot certonly \
|
if ! certbot-auto \
|
||||||
|
certonly \
|
||||||
|
--no-self-upgrade \
|
||||||
--noninteractive \
|
--noninteractive \
|
||||||
--standalone \
|
--standalone \
|
||||||
--preferred-challenges http \
|
--preferred-challenges http \
|
||||||
|
|
Loading…
Reference in New Issue
Block a user