On the internet there are multiple docker images and compose files which help you to setup an environment with Node and a valid https let’s encript certs in no time.
Among the different options which one should I pick? Which one is “secure”, up-to-date and easy to use?
After some tries and articles read I ended up by adopting the solution proposed by linuxserver.io.
To get it started, what you need is a machine able to run docker.
Let’s make a new directory (eg $HOME/letsencrypt/ ) and let’s create there a file with having as content the code below. The script will create an image called “letsenginx” with a basic configuration set by the environment variables.
#!/bin/bash #### -BEGIN - CONFIG TO EDIT #### CFG_PATH=$HOME/letsenginx/volume_cfg PROC_GID=1001 PROC_UID=1001 LE_URL=yourdomain.com LE_EMAILfirstname.lastname@example.org LE_SUBDOMAINS=www,ftp,somethingelse LE_VALIDATION=http LE_TIMEZONE=Italy/Rome #### - END - CONFIG TO EDIT #### mkdir -p $CFG_PATH docker create \ --cap-add=NET_ADMIN \ --name=letsenginx \ -v $CFG_PATH:/config \ -e PGID=$PROC_GID -e PUID=$PROC_UID \ -e EMAIL=$LE_EMAIL \ -e URL=$LE_URL \ -e SUBDOMAINS=$LE_SUBDOMAINS \ -e VALIDATION=$LE_VALIDATION \ -p 80:80 -p 443:443 \ -e TZ=$LE_TIMEZONE \ linuxserver/letsencrypt
The script will take a while to run since it generates some certificates. You can check the status of the image in any moment by running
docker logs IMAGE_ID
Once docker create command exists, you can start the image with:
docker start IMAGE_ID
If everything worked correctly then you should be able to connect to http://yourMachineIP and see valid certificate icon in the URL bar of the browser.
you can now amend the configuration of your nginx instance by editing the files $HOME/letsenginx/volume_cfg.
Static HTML files, nginx and letsencrypt config are now available there. Try to keep the certificate secure.