I am trying to setup an automated renewal SSL on Google Cloud Platform using Google, Container-Optimized OS.
I am struggling to find a guide where someone has done something similar using php apache.
My Dockerfile image is using:
COPY / /var/www/html/
Welcome to the community forum!
There are several ways to do this.
- Add some
RUN commands to install certbot and any plugins you made need and issue the certificate directly inside the container. WARNING When this container dies, the public and private key data will be destroyed.
- Same as option 1, except with a volume mounted from the host. I’m not sure if that is possible in GCP
- Use a certbot container as a sidecar. To do that, you’ll want to utilize volumes for this task. The goal is to have the certbot container and php/apache container mount a shared volume which contains a certificate. Ideally this would map to the location in the apache config that defines where a vhost can find said certificate.
Thanks for the information, that put me down the right path, I have added the certbot python-certbot-apache to my RUN section within my Dockerfile
RUN apt-get -y update && apt-get install -y \
This now requires me to remote onto the docker image and run certbot --apache which then with a few steps applies my SSH, however I would love to be able to script the process / steps for running of the certbot --apache part, having a trouble with that tho:
so far I am trying to run the following but this isnt working and I am not sure how I would go about parametrising the setting that asks about automatic renewal which is option 2
certbot --apache -d somedomain.com -d www.somedomain.com --email email@example.com --agree-tos
To help with automation, you can use the following flag. You’re most likely going to need to install
-n, --non-interactive, --noninteractive
Run without ever asking for user input. This may
require additional command line flags; the client will
try to explain which ones are required if it finds one
missing (default: False)
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.