Skip to main content

Automate Letsencrypt Certs renewal for Docker with Multisites Wordpress

 Assalamualaikum, 


Well to understand this post you will need to read first how i set multiple Wordpress sites in Docker containers~

 

LetsEncrypt Certification Auto Renewal

 


Ok the trick that i did to automate the renewal process is 


1. Create 2 separate docker file

I'm not able to create a single line letsencrypt command that can run cert renewal for two different domains, thus this is a hack way. If you have any suggestion let me know please!

 

ls -l wordpress/docker-compose*
-rw-rw-r-- 1 cxx cxx 2421 Jun  7 11:32 wordpress/docker-compose-4nutz.yml
-rw-rw-r-- 1 cxx cxx 2442 Jun  7 11:28 wordpress/docker-compose.yml

For file docker-compose-4nutz.yml small change made on the certbot definition, where i commented out the volumes for another website / kedaibiskut. Highlighted you can just totally remove it. Ensure the command is correct only for one domain and one path.

certbot:
    depends_on:
      - webserver
    image: certbot/certbot
    container_name: certbot
    volumes:
      - certbot-etc:/etc/letsencrypt
      - ./data/html:/var/www/html
        #    - ./data/kedaibiskut:/var/www/kedaibiskut

    command: certonly --webroot -w /var/www/html --email 4nutzdeli@gmail.com --agree-tos --no-eff-email --force-renewal -d 4nutz.tk -d www.4nutz.tk

 

Ensure the certbot definition for another site (kedai biskut) is correct too~

2. Add cron job to run the renewal cert every 3 months and restart webserver container too~

0 0 1 */3 * /usr/local/bin/docker-compose -f /home/cxx/wordpress/docker-compose.yml --verbose up  --force-recreate --no-deps certbot > /home/cxx/wordpress/lets_encrypt_renewal.log 2>&1 && /usr/local/bin/docker-compose -f /home/cxx/wordpress/docker-compose-4nutz.yml --verbose up  --force-recreate --no-deps certbot >> /home/cxx/wordpress/lets_encrypt_renewal.log 2>&1 && /usr/local/bin/docker-compose -f /home/cxx/wordpress/docker-compose.yml --verbose up -d  --force-recreate --no-deps webserver >> /home/cxx/wordpress/lets_encrypt_renewal.log 2>&1


What does the command do? 

a)  0 0 1 */3 *

run  At 00:00 on day-of-month 1 in every 3rd month.” 

b) /usr/local/bin/docker-compose -f /home/cxx/wordpress/docker-compose.yml --verbose up  --force-recreate --no-deps certbot > /home/cxx/wordpress/lets_encrypt_renewal.log 2>&1

 run docker-compose that renew cert for kedaibiskut domain and record the standard error and output to the specified path. eg (/home/cxx/wordpress/lets_encrypt_renewal.log) , the first, i dumped to new file. next command append the output the the file. This log is for troubleshooting process. Each command we run will have output recorded to the same file. 

c) &&

run the next command if the first one before "&&" is successful

 

d) /usr/local/bin/docker-compose -f /home/cxx/wordpress/docker-compose-4nutz.yml --verbose up  --force-recreate --no-deps certbot >> /home/cxx/wordpress/lets_encrypt_renewal.log 2>&1

run docker compose to renew cert for 4nutz domain. similar to b)

notice that for b) and d) i use the full docker-compose bin path. else the cron job will have problem locating docker-compose probably due to the environment path.


e) /usr/local/bin/docker-compose -f /home/cxx/wordpress/docker-compose.yml --verbose up -d  --force-recreate --no-deps webserver >> /home/cxx/wordpress/lets_encrypt_renewal.log 2>&1

 restart the webserver container faster to reload the new cert omg~ let me know if this is not good practice. our website is not so critical restarting it should be fine lol!

 

Thats all! finally the pending task done. ! i always need some mood to do website maintenance lol! tqtq

 



 
 

Labels:

Comments

Post a Comment

Popular posts from this blog

C# Serialization Tutorial Part 1 : Serialize object in file stream

Hello Peeps. Came across this topic while doing our game saving data feature. this post only cover basic serialization. basically serialization help us to convert our object into stream of bytes so that our object can be stored or transmit over in memory/file/database. before we can proceed with the serialization tutorial, we need to set the user permission to our target folder path. 1. Set the folder path to be accessible and can be override. This step is to avoid our program/apps from throwing unauthorizedaccessexception.    - for my scenario, im choosing the path of D:\SelfLearning\c#\Serialization to store my data file. Right click the target folder, select on Security tab Select on Users and give full control or modify permission to the user. 2. Now we are going to write our code. First we need to setup our folder path. 3. We going to create our file.  In this tutorial we are using FileStream type, other then FileStream, we can make use of MemoryStream i
Post a Comment
Read more

Tutorial on Min3D framework using Android Studio

Salam peeps, UPDATES***, the model on the old link is no longer working. so i have create a github repo, where i put the source code in a project, you guys can try to clone in and run on your android studio device emulator or directly on your phone, Ive replaced the model with a cube. https://github.com/aliaramli/Min3DTutorial Previously i ve posted tutorial on min3D using eclipse IDE, i believe most of us has moved to Android Studio IDE in developing android apps? As previous tutorial shows a lot of support from readers and among hot post in my blog, i ve decided to post the same tutorial but this time using Android Studio. For those who are familiar with Eclipse/Android Studio migration they might not have problem in running this tutorial . For more detail explanation on min3D please visit this website page Ok lets get started. Step One Create a new android project in android studio. you may name it as what you like, below are how i defined my project settings.
23 comments
Read more

Tutorial on min3d framework

Salam all. This time I want to share a bit, how I tried out the mid3d framework for the first time. Acknowledge that I am new to android development.   I just follow the tutorial on Mat-d website but there are certain things that I don’t understand how they actually work. Thus I want to share what I did step by step to make this example work. For explanations on coding/steps or errors please visit Mat-d website here J you ll understand more …. mat-d original tutorial load a 3d obl model with min3d for android Step one . Download min3d into your eclipse . Select File>Import>SVN>Checkout projects from SVN Next. Choose radio button : Create a new repository location Next. Enter the svn location http://min3d.googlecode.com/svn/trunk the thing that we want to check out from the svn is the min3d framework code. Step two. Download obj file  www.3dvia.com …you need to register first..it has free acc version.. and download the followin
44 comments
Read more