First commit

2023-02-27 00:51:23 +00:00 · 2023-02-27 00:51:23 +00:00 · 2b8fef622f
commit 2b8fef622f
2 changed files with 35 additions and 0 deletions
--- a/21
+++ b/21
@ -0,0 +1,21 @@
+# Select your image
+FROM ubi9:latest
+
+# Install epel, wget and certbot. Download the acme-dns validator
+RUN yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
+RUN yum install wget certbot -y
+RUN wget https://github.com/joohoi/acme-dns-certbot-joohoi/raw/master/acme-dns-auth.py
+
+# Amend the python script, make it executable and place it in /etc/letsencrypt
+RUN sed -i 's/python/python3/g' acme-dns-auth.py 
+RUN chmod +x acme-dns-auth.py 
+RUN mv acme-dns-auth.py /etc/letsencrypt/
+
+# Make the output dir for the SSL certificates and create the startup script
+RUN mkdir /letsencrypt
+## change example.com and domain.com with your actual web and mail servers.
+RUN echo -e 'certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges --email mailbox@domain.com --agree-tos --no-eff-email -d example.com -d www.example.com && cp -aL /etc/letsencrypt/live/example.com/* /letsencrypt' > /.startup.sh
+
+# Make your startup script executable and run it
+RUN chmod +x /.startup.sh
+CMD ["/bin/bash","/.startup.sh"]
--- a/README.txt
+++ b/README.txt
@ -0,0 +1,14 @@
+Use this docker container locally to either create or renew your Lets Encrypt SSL certificates.
+
+The docker container uses DNS validation and assumes you have access to your domain zone.
+
+You don't need to upload no files to your actual web server besides the generated SSL certificates.
+
+Make sure you read the comments in the Dockerfile and that the letsencrypt folder exists in the root of this project.
+This is where the SSL certificates will be saved.
+
+1) Build the container:
+$ podman build -t certbot:01 .
+
+2) Run the container:
+$ podman run -it -v ./letsencrypt/:/letsencrypt:Z certbot:01