My domain is: DNS not yet configured. I am setting up a new server, there will be many domain names.
I am looking for a clean, dockerized setup to install and renew the Let's Encrypt certificates. I have several http servers, each in their own container, and their virtual host files and configuration are saved on shared volumes.
My goal would be to create a Dockerfile that downloads and installs Certbot and provides certbot as the entry point. Something like this, but up-to-date, because that Dockerfile is no longer valid for the current state of the repository.
This would let me contain all the Certbot-related stuff in a container, and run that container with appropriate parameters whenever I need to create new certificates or renew existing ones.
When I tried to install the python-certbot-apache package, it failed to run because port 80 is blocked on the host, as it is taken by one of the http server containers.
Installing Certbot on the http server containers would go against the idea that the containers are as lean as possible, without too much service software. That would also mean that I have to install it on every http server container, which doesn't feel right. I hope to find a solution where Certbot can be run in a dedicated container only when certificate creation or renewal is required.
I understand that Certbot needs access to the site root, to plant a temporary file there, and also that it needs access to the site's Apache virtual host configuration file. Both things can be granted via shared Docker volumes.
The host's operating system is Ubuntu Server 18.04 LTS. But that shouldn't matter, as everything needs to be containerized.
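An added example (not part of the original post and not code from the Certbot project) of the dedicated-container approach asked about above: it runs the official `certbot/certbot` image, whose entry point is `certbot`, with the webroot plugin, so no port is published and the only shared volumes are the site roots and `/etc/letsencrypt`. The host paths, the one-document-root-per-domain layout, the e-mail address and the function names are assumptions.

```shell
#!/bin/sh
# Added example. All paths, the e-mail address and function names are assumed.
LE_DIR="${LE_DIR:-/srv/letsencrypt}"        # host dir persisted as /etc/letsencrypt
WEBROOT_BASE="${WEBROOT_BASE:-/srv/www}"    # host dir with one docroot per domain
LE_EMAIL="${LE_EMAIL:-admin@example.com}"   # placeholder account address

# Accept only plain hostnames, so a crafted name cannot smuggle in an
# extra certbot option ("-...") or a path ("../") under the webroot mount.
valid_domain() {
    case "$1" in
        ''|-*|*-|.*|*.|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Run certbot in a throwaway container. No -p option: the web server
# containers keep port 80 and serve the challenge files themselves.
# DRY_RUN=1 prints the command instead of executing it.
certbot_run() {
    set -- docker run --rm \
        -v "$LE_DIR:/etc/letsencrypt" \
        -v "$WEBROOT_BASE:/webroot" \
        certbot/certbot "$@"
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# Obtain a certificate for one domain. "certonly" leaves the Apache
# configuration alone; the vhost points at the files under live/<domain>/.
issue() {
    valid_domain "$1" || { echo "invalid domain: $1" >&2; return 1; }
    certbot_run certonly --webroot -w "/webroot/$1" -d "$1" \
        --non-interactive --agree-tos -m "$LE_EMAIL"
}

# Renew everything that is due. The webroot paths stored at issuance stay
# valid because the same base directory is mounted at /webroot every time.
renew() {
    certbot_run renew
}
```

Source the file and call `issue www.example.com` once per domain, then run `renew` from cron or a systemd timer on the host. The web server containers need to reload afterwards to pick up renewed certificates.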