dnsrobocert icon indicating copy to clipboard operation
dnsrobocert copied to clipboard

Published 20 hours ago verified publisher icon adferrand

Deploy hook from inside docker

Open ThomDietrich opened this issue 2 years ago • 2 comments

I guess this is a very common use case but couldn't find anything in documentation. Opening this ticket to discuss best practice and contribute a recommendation to docs.

Hey all, dnsrobocert is running inside a docker container. Upon certificate renewal I would like to restart relevant docker containers to reload certificate files. How would I go about doing that? I suspect it would be possible to bind the docker socket and trigger a restart through that, but is that really the best and recommended method?

I would be thankful for any kind of hint or ideally a docker-compose.yml example! Thanks guys

ThomDietrich avatar Feb 17 '22 12:02 ThomDietrich

There's the autorestart and autocmd configuration options available. Both will require you to mount the Docker socket to work.

More details here: https://github.com/adferrand/dnsrobocert/blob/master/docs/configuration_reference.rst#certificates-section

We used the autocmd which triggers a script in the nginx reverse proxy container to (1) copy the certificates to the desired place, and then (2) trigger nginx -s reload. This worked well for us in the past.

qqilihq avatar Mar 24 '22 16:03 qqilihq

Here's an example of @qqilihq's suggestion if anyone else ends up here while looking for a solution: Script to deploy certificates generated with DNSroboCert to nginx-proxy

aaccioly avatar Sep 24 '23 00:09 aaccioly