From 8553bbcf8d261c943c48226b0bc6b4ce3825b6ba Mon Sep 17 00:00:00 2001 From: moeny-matt Date: Tue, 5 Nov 2024 14:53:29 -0500 Subject: [PATCH] Update README for SSL --- README.md | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/README.md b/README.md index a1c2df7..e3ff4b7 100644 --- a/README.md +++ b/README.md @@ -93,3 +93,46 @@ docker-compose up -d ```bash docker ps -a ``` + +5. To enable SSL, you can use certbot: + +```bash +sudo apt update +sudo apt install certbot +sudo certbot certonly --standalone -d yourdomain.com +``` +This will create SSL certificates in /etc/letsencrypt/live/yourdomain.com + +6. Update your docker-compose.yml file to use these certificates by mounting the certificate and private key locations: + +```yaml +services: + nginx: + restart: on-failure + image: nginx + ports: + - ${NGINX_PORT:-80}:80 + - ${NGINX_TLS_PORT:-443}:443 + volumes: + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + - /etc/letsencrypt/live/yourdomain.com/fullchain.pem:/etc/nginx/ssl/certificate.crt:ro + - /etc/letsencrypt/live/yourdomain.com/privkey.pem:/etc/nginx/ssl/private_key.key:ro +``` + +7. Restart your services: + +```bash +docker-compose down +docker-compose up -d +``` + +8. Set up auto renewal for the certificates with cron job: + +```bash +sudo crontab -e +``` +Add this line to run the renewal daily (it will only renew if necessary): + +```bash +0 3 * * * certbot renew --quiet --deploy-hook "docker-compose restart nginx" +```
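Review bot: The cron line in step 8 will not renew as written. The certificate in step 5 is issued with `--standalone`, which has to bind port 80 itself, but the nginx service in step 6 publishes `${NGINX_PORT:-80}:80`, so `certbot renew` will find the port taken whenever the stack is up. Either issue with `--webroot` against a path nginx serves, or add `--pre-hook` and `--post-hook` to stop and start nginx around the renewal. Step 5 has the same problem if it is run after the earlier `docker-compose up -d`. Separately, the deploy hook `docker-compose restart nginx` runs from root's crontab, outside the project directory, so it will not find docker-compose.yml. Pass `-f` with the absolute path to the compose file, and call docker-compose by absolute path since cron's PATH is minimal. Step 6 should also say that nginx.conf must point `ssl_certificate` and `ssl_certificate_key` at the mounted `/etc/nginx/ssl/` paths, since the hunk does not show that file.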