Prepare for letsencrypt container.

docker-compose.yml

@@ -3,6 +3,13 @@ services:
   data:
     build: ./
     hostname: app1.svenv.nl
+  letsencrypt:
+    depends_on:
+      - data
+    image: svenv/letsencrypt
+    restart: always
+    volumes_from:
+      - data
   postgresql:
     depends_on:
       - data

files/entrypoint.sh

@@ -32,4 +32,4 @@ chown -R app:app /srv/nginx/
 
 
 # Execute command
-exec "$@"
+exec "$@"

files/etc/nginx/conf.d/default.conf

@@ -7,17 +7,24 @@ upstream django {
 
 
 server {
-    listen 80 default_server;
+    listen 80;
+    root /srv/nginx;
     server_name svenv.nl  www.svenv.nl;
 
-    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    location /.well-known {
+        root /srv/nginx;
+    }
 
-    gzip            on;
-    gzip_min_length 1000;
-    gzip_proxied    any;
-    gzip_types      *;
+    location / {
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 
-    return 301 https://svenv.nl$request_uri;
+        gzip            on;
+        gzip_min_length 1000;
+        gzip_proxied    any;
+        gzip_types      *;
+
+        return 301 https://svenv.nl$request_uri;
+    }
 }
 
 

files/usr/local/bin/createcertlinks.sh

@@ -8,12 +8,12 @@
 
 
 # Link certificates
-hostname=`hostname`
+hostname=svenv.nl
 dir=`ls -t /etc/letsencrypt/live/ | grep $hostname | head -n 1`
 path="/etc/letsencrypt/live/$dir"
 
 rm -f /etc/ssl/certs/svenv.nl.crt
 rm -f /etc/ssl/certs/svenv.nl.key
 
 ln -s "$path/privkey.pem" "/etc/ssl/certs/svenv.nl.key"
-ln -s "$path/fullchain.pem" "/etc/ssl/certs/svenv.nl.crt"
+ln -s "$path/fullchain.pem" "/etc/ssl/certs/svenv.nl.crt"