### https://letsencrypt.org/ ###
### https://certbot.eff.org/docs/using.html?highlight=expand
# 1) make sure there in no https redirects for the domian
# 2) check if the fomain is available
# 3) set up the traefic
traefik:
image: traefik
container_name: "traefik"
restart: unless-stopped
command: -c /dev/null --web --docker --logLevel=INFO --defaultEntryPoints='https' --entryPoints="Name:https Address::443 TLS:/certs/cert.pem,/certs/privkey.pem" --entryPoints="Name:http Address::80"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./certs:/certs/
ports:
- 80:80
- 443:443
# 4) set up an apache:
apache:
image: 'wodby/php-apache:2.4-3.0.5'
container_name: '${COMPOSE_PROJECT_NAME}_apache'
restart: always
depends_on:
- php
environment:
APACHE_LOG_LEVEL: debug
APACHE_BACKEND_HOST: php
APACHE_SERVER_ROOT: /var/www/html/web
volumes:
- ./:/var/www/html
labels:
traefik.backend: '${COMPOSE_PROJECT_NAME}_apache'
traefik.port: '80'
traefik.frontend.entryPoints: 'https,http'
traefik.frontend.rule: 'Host:www.ipso.ch,ipso.ch'
# 5) implement the command
docker run -it --rm --name certbot -v "/etc/letsencrypt:/etc/letsencrypt" -v "/var/lib/letsencrypt:/var/lib/letsencrypt" certbot/certbot certonly --manual -d ipso.ch - d www.ipso.ch --expand
# 6) Open new terminal window and create a file with the content on the server.
# 7) be aware that there are limits for generation 5 fails per hour.
# 8) proceed in a first window.