Create https certificates

deploy-this/lets-encrypt/all-domains.conf

@@ -0,0 +1,18 @@
+server {
+   listen 80 ;
+   
+   server_tokens off;
+ 
+   location /.well-known/acme-challenge/ {
+      root /var/www/certbot;
+   }
+
+ 
+   location / {
+        
+        proxy_pass http://work:8091;
+       
+        return 301 https://$host$request_uri;
+   }
+ 
+}

deploy-this/lets-encrypt/lets-encrypt-create-cert.jenkinsfile

@@ -0,0 +1,82 @@
+def domainsToCert = [  
+
+ //    [ false, 'bodypainter.eu', "mail", "stat", "www" ] 
+
+	 [ false, 'artikus.dynu.net', "mail", "stat", "www", "nextcloud" ]
+] 
+
+def createCert(domains, repo){
+
+	echo "Server ENV = ${SERVER_ENV}"
+    echo "Cerbot image = ${CERTBOT_IMAGE} "
+
+
+	def toCreateDomains =[]
+
+	for( domain in domains ){
+	      def force = domain[ 0 ]
+		  def name = domain[ 1 ]
+	  	  def fileName = '/_docker_data_/letsencrypt/live/'+name
+	   	  if( !force && fileExists( fileName ) ){
+	       	 echo "The file('${fileName}') certificate for '${domain}(main:${name})' exists! You should renew it"
+	      }else{
+	         echo "File '${fileName}' not exists! or ${force}  so create certificate for '${name}'"
+	    	 toCreateDomains.add( domain )
+	      }               
+    }
+    
+    echo "Certificate to create "+toCreateDomains
+	if( 0 == toCreateDomains.size() ){
+	    echo "All certificate should be refreshed! Nothing to create."
+	}else{
+	
+	    def lets_encrypt = "docker compose --file lets-encrypt.yml --env-file lets.env "
+      				    
+	    dir("/_programs_/"+repo+"/lets-encrypt"){
+	    
+		  for( domain in toCreateDomains ){
+	    	
+	    	   def name  = domain[ 1 ] 
+
+	    	   def run = " run --rm certbot certonly"+
+				         " --webroot -w /var/www/certbot"+
+	                     " --cert-name='"+name+"'"+
+	 				     " --non-interactive --agree-tos"+
+	 				     " --preferred-challenges http"+
+	 				     " --email kusartur@gmail.com" +
+	                     " -d "+name
+		     
+		        for( int indexSub = 2; indexSub < domain.size(); indexSub ++ ){
+		            def subDomain =  domain[ indexSub ]
+              		run = run +	" -d "+subDomain+ "." + name                                
+	            }
+ 	                     
+	     	    sh( lets_encrypt+run )
+	    	                       
+	        }
+	 	}
+	} 
+
+}
+
+
+pipeline {
+
+    agent any 
+     
+    stages {
+        stage('Make https cert for my domains') {
+            steps {
+				script{
+				   def repo_name ="zaklik-by-spring-boot"
+			       createCert( domainsToCert, repo_name )                  
+    			}
+            }
+       }
+    }
+
+}
+
+/*
+docker top <name> || docker run --name <name> <image>
+    */

deploy-this/lets-encrypt/lets-encrypt-multi-domain.sh

@@ -0,0 +1,10 @@
+docker compose --profile lets-encrypt \
+ --file 2.jenkins-with-docker-compose.yml --env-file for-lets-encrypt-docker.env \
+ run --rm certbot certonly  \
+ --webroot -w /var/www/certbot \
+ --cert-name="artikus.dynu.net" \
+ --preferred-challenges http \
+ -d artikus.dynu.net -d arti24.eu -d artikus.tk -d springing.tk -d artikusapi.tk \
+ --email kusartur@gmail.com
+    
+

deploy-this/lets-encrypt/lets-encrypt-renew.jenkinsfile

@@ -0,0 +1,15 @@
+pipeline {
+
+  agent any
+     
+  stages {
+    stage('Make https cert for my domains') {
+       
+      steps {
+        dir("/_programs_/zaklik-by-spring-boot/lets-encrypt"){
+          sh "docker compose --file lets-encrypt.yml --env-file lets.env run --rm certbot renew"
+        }
+       }
+    }
+  }  
+}

deploy-this/lets-encrypt/lets-encrypt.yml

@@ -0,0 +1,8 @@
+services:
+
+  certbot:
+    image: ${CERTBOT_IMAGE}
+    container_name: certbot 
+    volumes:
+      - ${DOCKER_DATA}/letsencrypt:/etc/letsencrypt:rw
+      - ${DOCKER_DATA}/letsencrypt-tmp:/var/www/certbot/:rw

deploy-this/lets-encrypt/lets.env

@@ -0,0 +1,7 @@
+INFO=Version 1_
+IMPORTANT_DATA=/home/artur/_important_data_
+DOCKER_DATA=/home/artur/_important_data_/_docker_data_
+JAVA_FOR_CV=openjdk:11
+MONGO_DB_PLATFORM=mongo
+NGINX_CONF=/home/artur/_important_data_/_start_system_on_docker_/nginx/conf/for-lets-encrypt
+