Commit 67ceb627 authored by Dashamir Hoxha's avatar Dashamir Hoxha

Get automatically a letsencrypt ssl cert, if SSL_CERT_EMAIL and DOMAIN are defined.

parent fbec7c10
......@@ -9,8 +9,8 @@ _EOF
cmd_create() {
local nosystemd='false'
if [[ $1 == 'nosystemd' ]]; then
nosystemd='true'
shift
nosystemd='true'
shift
fi
# create a ds network if it does not yet exist
......@@ -27,17 +27,17 @@ cmd_create() {
docker create --name=$CONTAINER --hostname=$CONTAINER \
--restart=unless-stopped \
--mount type=bind,source=$(pwd),destination=/host \
$(_systemd_config $nosystemd) \
$(_systemd_config $nosystemd) \
$(_mount_letsencrypt_dirs) \
$(_published_ports) \
$(_network_and_aliases) \
"[email protected]" $IMAGE
# register domains to wsproxy
if [[ -n $DOMAIN ]]; then
local wsproxy=${WSPROXY:-wsproxy}
ds @$wsproxy domains-add $CONTAINER $DOMAIN $DOMAINS
fi
# add DOMAIN to wsproxy
_add_domains_to_wsproxy
# get a ssl cert from letsencrypt
_get_ssl_cert_from_letsencrypt
}
### Configure the host for running systemd containers.
......@@ -61,9 +61,21 @@ _systemd_config() {
echo "$systemd_options"
}
### return 1 (false) if we don't need to get a ssl cert
### otherwise return 0 (true)
needs_ssl_cert() {
[[ -z $SSL_CERT_EMAIL ]] && return 1
[[ -z $DOMAIN ]] && return 1
[[ $DOMAIN =~ ^(.*\.)?example\.org$ ]] && return 1
[[ $DOMAIN =~ ^(.*\.)?example\.com$ ]] && return 1
[[ $DOMAIN =~ \.local$ ]] && return 1
return 0
}
### mount letsencrypt config dirs
_mount_letsencrypt_dirs() {
[[ -n $DOMAIN ]] || return
needs_ssl_cert || return
local wsproxy=${WSPROXY:-wsproxy}
local certdir="$CONTAINERS/$wsproxy/letsencrypt"
......@@ -103,3 +115,17 @@ _network_and_aliases() {
echo "$network"
}
### add DOMAIN and DOMAINS to wsproxy
_add_domains_to_wsproxy() {
[[ -z $DOMAIN ]] && return
local wsproxy=${WSPROXY:-wsproxy}
ds @$wsproxy domains-add $CONTAINER $DOMAIN $DOMAINS
}
### get a ssl cert from letsencrypt
_get_ssl_cert_from_letsencrypt() {
needs_ssl_cert || return
ds @wsproxy get-ssl-cert $SSL_CERT_EMAIL $DOMAIN
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment