Create https certificates

Artur 2024-10-04 16:50:25 +02:00
parent 9e0a26157f
commit 846e4fbc43
6 changed files with 140 additions and 0 deletions


@ -0,0 +1,18 @@
server {
listen 80 ;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
proxy_pass http://work:8091;
return 301 https://$host$request_uri;
}
}
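Review bot: In `location /` the `proxy_pass http://work:8091;` line is never reached, because `return 301 https://$host$request_uri;` is handled in the rewrite phase and ends the request before the proxy handler runs; drop the `proxy_pass` line so the block says what it actually does. The server block also has no `server_name`, so it answers for any Host header, and `$host` in the redirect reflects whatever name the client sent. Adding a `server_name` that lists the domains this host serves, plus a separate default server that rejects unknown names, keeps the redirect target to known hosts.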


@ -0,0 +1,82 @@
def domainsToCert = [
// [ false, 'bodypainter.eu', "mail", "stat", "www" ]
[ false, 'artikus.dynu.net', "mail", "stat", "www", "nextcloud" ]
]
def createCert(domains, repo){
echo "Server ENV = ${SERVER_ENV}"
echo "Cerbot image = ${CERTBOT_IMAGE} "
def toCreateDomains =[]
for( domain in domains ){
def force = domain[ 0 ]
def name = domain[ 1 ]
def fileName = '/_docker_data_/letsencrypt/live/'+name
if( !force && fileExists( fileName ) ){
echo "The file('${fileName}') certificate for '${domain}(main:${name})' exists! You should renew it"
}else{
echo "File '${fileName}' not exists! or ${force} so create certificate for '${name}'"
toCreateDomains.add( domain )
}
}
echo "Certificate to create "+toCreateDomains
if( 0 == toCreateDomains.size() ){
echo "All certificate should be refreshed! Nothing to create."
}else{
def lets_encrypt = "docker compose --file lets-encrypt.yml --env-file lets.env "
dir("/_programs_/"+repo+"/lets-encrypt"){
for( domain in toCreateDomains ){
def name = domain[ 1 ]
def run = " run --rm certbot certonly"+
" --webroot -w /var/www/certbot"+
" --cert-name='"+name+"'"+
" --non-interactive --agree-tos"+
" --preferred-challenges http"+
" --email kusartur@gmail.com" +
" -d "+name
for( int indexSub = 2; indexSub < domain.size(); indexSub ++ ){
def subDomain = domain[ indexSub ]
run = run + " -d "+subDomain+ "." + name
}
sh( lets_encrypt+run )
}
}
}
}
pipeline {
agent any
stages {
stage('Make https cert for my domains') {
steps {
script{
def repo_name ="zaklik-by-spring-boot"
createCert( domainsToCert, repo_name )
}
}
}
}
}
/*
docker top <name> || docker run --name <name> <image>
*/
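Review bot: The certbot command in `createCert` is built by string concatenation and handed to `sh`, and only `--cert-name` is quoted; the `-d` values built from `name` and `subDomain` reach the shell unquoted. The list is hard-coded today, but a check at the top of the inner loop such as `if( !(name ==~ /[A-Za-z0-9.-]+/) ) error("Invalid domain: ${name}")`, repeated for each `subDomain`, keeps the command safe if `domainsToCert` ever comes from a job parameter. The existence check reads `/_docker_data_/letsencrypt/live/` while the compose file mounts `${DOCKER_DATA}/letsencrypt`; whether these are the same directory on the agent is not visible here. If they are not, every run requests a new certificate and can run into the CA's issuance rate limits.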


@ -0,0 +1,10 @@
docker compose --profile lets-encrypt \
--file 2.jenkins-with-docker-compose.yml --env-file for-lets-encrypt-docker.env \
run --rm certbot certonly \
--webroot -w /var/www/certbot \
--cert-name="artikus.dynu.net" \
--preferred-challenges http \
-d artikus.dynu.net -d arti24.eu -d artikus.tk -d springing.tk -d artikusapi.tk \
--email kusartur@gmail.com
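Review bot: This invocation omits `--non-interactive --agree-tos`, which the Jenkins pipeline in this commit passes, so an unattended run will prompt or fail without a TTY; add both flags after `certonly`. All five domains go into one certificate named `artikus.dynu.net`, so they will be published together as SANs in Certificate Transparency logs; issue them under separate `--cert-name` values if the sites should not be linked. A shebang and `set -eu` at the top would make a failed issuance visible to whatever calls the script.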


@ -0,0 +1,15 @@
pipeline {
agent any
stages {
stage('Make https cert for my domains') {
steps {
dir("/_programs_/zaklik-by-spring-boot/lets-encrypt"){
sh "docker compose --file lets-encrypt.yml --env-file lets.env run --rm certbot renew"
}
}
}
}
}
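Review bot: The pipeline has no `triggers` block, so renewal only happens when someone starts the job by hand; `triggers { cron('H H * * *') }` inside `pipeline` would run it daily, and `certbot renew` does nothing until a certificate is close to expiry. Nothing in this file reloads the web server after a successful renewal, so the new certificate may not be served until nginx is restarted. A following step such as `sh "docker exec <nginx-container> nginx -s reload"` (the container name is a placeholder) would close that gap.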


@ -0,0 +1,8 @@
services:
certbot:
image: ${CERTBOT_IMAGE}
container_name: certbot
volumes:
- ${DOCKER_DATA}/letsencrypt:/etc/letsencrypt:rw
- ${DOCKER_DATA}/letsencrypt-tmp:/var/www/certbot/:rw
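Review bot: `image: ${CERTBOT_IMAGE}` resolves to an empty string when the variable is missing, and the env file visible in this commit does not define it; `image: ${CERTBOT_IMAGE:?CERTBOT_IMAGE must be set}` makes compose stop with a clear message instead. The value should name a pinned tag or digest rather than a floating one, because this container gets write access to `/etc/letsencrypt`, which holds the ACME account key and the certificate private keys. A comment above `volumes:` should say that the second mount is the ACME webroot served from `/var/www/certbot`, and that the web server only needs read-only access to both paths.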


@ -0,0 +1,7 @@
INFO=Version 1_
IMPORTANT_DATA=/home/artur/_important_data_
DOCKER_DATA=/home/artur/_important_data_/_docker_data_
JAVA_FOR_CV=openjdk:11
MONGO_DB_PLATFORM=mongo
NGINX_CONF=/home/artur/_important_data_/_start_system_on_docker_/nginx/conf/for-lets-encrypt