On the internet there are multiple docker images and compose files which help you to setup an environment with Node and a valid https let’s encript certs in no time.
Among the different options which one should I pick? Which one is “secure”, up-to-date and easy to use?
After some tries and articles read I ended up by adopting the solution proposed by linuxserver.io.
To get it started, what you need is a machine able to run docker.
Let’s make a new directory (eg $HOME/letsencrypt/ ) and let’s create there a file with having as content the code below. The script will create an image called “letsenginx” with a basic configuration set by the environment variables.
#!/bin/bash
#### -BEGIN - CONFIG TO EDIT ####
CFG_PATH=$HOME/letsenginx/volume_cfg
PROC_GID=1001
PROC_UID=1001
LE_URL=yourdomain.com
LE_EMAIL=admin@yourdomain.com
LE_SUBDOMAINS=www,ftp,somethingelse
LE_VALIDATION=http
LE_TIMEZONE=Italy/Rome
#### - END - CONFIG TO EDIT ####
mkdir -p $CFG_PATH
docker create \
--cap-add=NET_ADMIN \
--name=letsenginx \
-v $CFG_PATH:/config \
-e PGID=$PROC_GID -e PUID=$PROC_UID \
-e EMAIL=$LE_EMAIL \
-e URL=$LE_URL \
-e SUBDOMAINS=$LE_SUBDOMAINS \
-e VALIDATION=$LE_VALIDATION \
-p 80:80 -p 443:443 \
-e TZ=$LE_TIMEZONE \
linuxserver/letsencrypt
The script will take a while to run since it generates some certificates. You can check the status of the image in any moment by running
docker logs IMAGE_ID
Once docker create command exists, you can start the image with:
docker start IMAGE_ID
If everything worked correctly then you should be able to connect to http://yourMachineIP and see valid certificate icon in the URL bar of the browser.
you can now amend the configuration of your nginx instance by editing the filesĀ $HOME/letsenginx/volume_cfg.
Static HTML files, nginx and letsencrypt config are now available there. Try to keep the certificate secure.