Merge pull request #8 from LainForge/certbot

Adds SSL certificate with automatic renewal

.github/compose/production.yaml

@@ -1,10 +1,23 @@
-version: '3'
+version: '3.7'
 
 services:
-  lainforge:
+  nginx:
     image: rohansinghagent/lainforge-home:latest
-    container_name: lainforge-container
+    container_name: lainforge-home
+    volumes:
+      - ./data/nginx:/etc/nginx/conf.d
+      - ./data/certbot/conf:/etc/letsencrypt
+      - ./data/certbot/www:/var/www/certbot
     ports:
-      - 80:80
-      - 443:443
-    restart: unless-stopped
+      - "80:80"
+      - "443:443"
+    depends_on:
+      - certbot
+
+  certbot:
+    image: certbot/certbot
+    container_name: certbot
+    volumes:
+      - ./data/certbot/conf:/etc/letsencrypt
+      - ./data/certbot/www:/var/www/certbot
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

Dockerfile

@@ -20,18 +20,10 @@ RUN rm -rf ./*
 
 COPY --from=build /app/dist .
 
-# Install Certbot and its dependencies
-RUN apk add --no-cache certbot certbot-nginx
-
-# Copy a custom Nginx configuration file (if needed)
-# COPY nginx.conf /etc/nginx/nginx.conf
-
-# Expose ports 80 and 443
 EXPOSE 80
 EXPOSE 443
 
-# Entry point script to obtain and renew the SSL certificate
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
-ENTRYPOINT ["/entrypoint.sh"]
 
+ENTRYPOINT ["/entrypoint.sh"]

entrypoint.sh

@@ -1,7 +1,3 @@
 #!/bin/sh
 
-# Check if Certbot needs to obtain or renew the certificate
-certbot certonly --nginx --non-interactive --agree-tos --email "[email protected]" -d lainforge.org -d www.lainforge.org
-
-# Start Nginx
 nginx -g "daemon off;"