Jekyll powered gnailuy.com
```bash
docker build -t gnailuy/jekyll .
docker run --rm -v $PWD:/app -it gnailuy/jekyll build
docker run --rm -v $PWD:/app -p 4000:4000 -it gnailuy/jekyll serve --host 0.0.0.0
```
- Install Certbot and the Cloudflare plugin
- Prepare a Cloudflare API token for Certbot and put it in the file `cloudflare_api_token.ini`

```bash
sudo certbot certonly --dns-cloudflare --dns-cloudflare-credentials ./cloudflare_api_token.ini -d "*.gnailuy.com"
sudo cp /etc/letsencrypt/live/gnailuy.com/* /home/yuliang/letsencrypt/live/gnailuy.com/

docker run -d --restart unless-stopped --name gnaiux --network githook \
    -v /home/yuliang/gnailuy.com/_nginx/conf:/etc/nginx:ro \
    -v /home/yuliang/letsencrypt:/etc/letsencrypt:ro \
    -v /home/yuliang/webroot:/usr/share/nginx/html:ro \
    -v /home/yuliang/logs:/var/log/nginx \
    -p 80:80 -p 443:443 nginx
```
Note that I use the same network as the githook on my host so that Nginx can find the webhook server by its name, `githook_server`.
File name: `/etc/letsencrypt/renewal-hooks/post/gnailuy.com.sh`

```bash
#!/bin/bash
LOGPATH=/home/yuliang/logs/certbot.log

# Copy the renewed files to the directory that is bind-mounted into the Nginx container
echo "[$(date)] Copying certs for gnailuy.com" >> "$LOGPATH"
cp /etc/letsencrypt/live/gnailuy.com/* /home/yuliang/letsencrypt/live/gnailuy.com/

# Restart the container so Nginx loads the new certificate
echo "[$(date)] Restarting Nginx for gnailuy.com" >> "$LOGPATH"
/snap/bin/docker restart gnaiux
echo "[$(date)] Updated certs in /home/yuliang/letsencrypt/live/gnailuy.com/" >> "$LOGPATH"
```
Each time `certbot renew` updates the certificates, this hook will run.
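
A stricter variant of the hook above, as an added example that is not part of this repository: it refuses to deploy a missing or empty chain or key, stages the copies with owner-only permissions, and restarts Nginx only when the deployed files actually changed. The helper name `sync_certs`, its return codes and the assumption that Nginx only needs the `*.pem` files are choices made for this example.

```bash
#!/bin/bash
# Added example, not the site's own hook. sync_certs is a hypothetical helper.
LIVE=/etc/letsencrypt/live/gnailuy.com
DEPLOY=/home/yuliang/letsencrypt/live/gnailuy.com
LOGPATH=/home/yuliang/logs/certbot.log

# sync_certs SRC DST
# Returns 0 if DST was updated, 1 if it was already current, 2 on error.
sync_certs() {
    local src=$1 dst=$2 stage f changed=0
    # Refuse to deploy a missing or empty chain or key.
    for f in fullchain.pem privkey.pem; do
        [ -s "$src/$f" ] || return 2
    done
    # Compare every PEM file with the deployed copy.
    for f in "$src"/*.pem; do
        cmp -s "$f" "$dst/${f##*/}" 2>/dev/null || changed=1
    done
    [ "$changed" -eq 1 ] || return 1
    mkdir -p "$dst" || return 2
    # Stage inside DST so each mv below is a rename on the same filesystem.
    stage=$(mktemp -d "$dst/.stage.XXXXXX") || return 2
    # umask 077 keeps the staged copies, private key included, owner-only.
    if ( umask 077; cp "$src"/*.pem "$stage"/ ); then
        for f in "$stage"/*.pem; do
            mv -f "$f" "$dst/${f##*/}" || { rm -rf "$stage"; return 2; }
        done
        rm -rf "$stage"
        return 0
    fi
    rm -rf "$stage"
    return 2
}

# Hook body: runs only on a host that has the lineage directory.
if [ -d "$LIVE" ]; then
    rc=0
    sync_certs "$LIVE" "$DEPLOY" || rc=$?
    case $rc in
        0) echo "[$(date)] Certs updated, restarting Nginx" >> "$LOGPATH"
           /snap/bin/docker restart gnaiux ;;
        1) echo "[$(date)] Certs unchanged, Nginx left running" >> "$LOGPATH" ;;
        *) echo "[$(date)] Cert copy failed, Nginx left running" >> "$LOGPATH" ;;
    esac
fi
```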