dnsrobocert
dnsrobocert copied to clipboard
Deploy hook from inside docker
I guess this is a very common use case but couldn't find anything in documentation. Opening this ticket to discuss best practice and contribute a recommendation to docs.
Hey all, dnsrobocert is running inside a docker container. Upon certificate renewal I would like to restart relevant docker containers to reload certificate files. How would I go about doing that? I suspect it would be possible to bind the docker socket and trigger a restart through that, but is that really the best and recommended method?
I would be thankful for any kind of hint or ideally a docker-compose.yml
example! Thanks guys
There's the autorestart
and autocmd
configuration options available. Both will require you to mount the Docker socket to work.
More details here: https://github.com/adferrand/dnsrobocert/blob/master/docs/configuration_reference.rst#certificates-section
We used the autocmd
which triggers a script in the nginx
reverse proxy container to (1) copy the certificates to the desired place, and then (2) trigger nginx -s reload
. This worked well for us in the past.
Here's an example of @qqilihq's suggestion if anyone else ends up here while looking for a solution: Script to deploy certificates generated with DNSroboCert to nginx-proxy