Public | Automated Build

Last pushed: 2 years ago
Short Description
Let's Encrypt in a crontab container. Daily renewal of Let's Encrypt certificates.
Full Description

Let's Certify

A companion container to a Dockerized web server which uses Let's Encrypt certificates.


Start the letscertify container:

$ docker run -d --name=letscertify anroots/letscertify

Configure your web server to accept HTTP queries to /.well-known/acme-challenge and use /tmp/letsencrypt-web as the document root.

# Nginx example. This will redirect all requests to HTTPS except Let's Encrypt certificate challenges
server {
  listen 80;

  location '/.well-known/acme-challenge' {
    default_type "text/plain";
    root /tmp/letsencrypt-web;

  location / {
    return 301 https://$host$request_uri;

Configure your web server to use Let's Encrypt certificates:

# Partial Nginx example
server {
  listen 443 ssl default deferred;

  ssl_certificate /etc/letsencrypt/live/;
  ssl_certificate_key /etc/letsencrypt/live/;
  ssl_trusted_certificate /etc/letsencrypt/live/;

Start your web server and bind volumes from letscertify:

$ docker run -d --volumes-from=letscertify:ro improv/gateway

The web server will mount /etc/letsencrypt, /var/lib/letsencrypt and /tmp/letsencrypt-web folders. letscertify will
run letsencrypt renew daily.

This is designed to auto-renew certificates. You'll still have to manually request initial certificates with something like the following:

$ docker exec letscertify letsencrypt certonly --webroot -w /tmp/letsencrypt-web/ -d --agree-tos --email


MIT license

Docker Pull Command
Source Repository