This is a quick and easy one.
Prerequisites
- An Alpine Linux container
- An internet connection
Install nginx
apk add nginx
rc-update add nginx default
rc-service nginx start
Nginx Configuration
Config file is located at /etc/nginx/nginx.conf.
Use service nginx reload to reload the configuration after editing it.
Install Certbot
Currently certbot only lives in the community repository. You can find out which repo a package is in by looking at the Alpine Packages website. You’ll need to add the community repository by editing /etc/apk/repositories and adding the following line:
@community http://dl-2.alpinelinux.org/alpine//v3.4/community
Note that this is for version 3.4. You may have to update the version number to match your Alpine release.
After editing your repositories you need to update them and install certbot.
apk update && apk upgrade
apk add certbot@community
Adding a new cert
Certificates can be added with certbot using the wizard. Don’t forget to stop any instances of nginx first!
certbot certonly
Updating certs automatically
Let’s Encrypt certs only last 3 months. This is by design. One of the beautiful parts of Let’s Encrypt is that we can update the certs automatically. I have created a script in /etc/periodic/weekly to update my certs. It only has one line:
/usr/bin/certbot renew --standalone --pre-hook "service nginx stop" --post-hook "service nginx start"
Don’t forget to make this script executable!
This script is run by cron on a weekly basis. It automatically stops nginx before the renewal starts and starts it back up when the renewal is finished.
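A fuller version of the weekly script, as an added example that is not the author's own script: it runs the same certbot command, then checks that nginx is actually running again and exits non-zero if the renewal failed, so a broken renewal does not go unnoticed until the cert expires. The file name certbot-renew and the CERTBOT and SERVICE override variables are assumptions made for this example.

```sh
#!/bin/sh
# Added example: weekly renewal wrapper.
# Hypothetical install path: /etc/periodic/weekly/certbot-renew
# CERTBOT and SERVICE can be overridden (assumption of this example) so the
# logic can be exercised without a real certbot or nginx.
CERTBOT="${CERTBOT:-/usr/bin/certbot}"
SERVICE="${SERVICE:-service}"

renew_and_verify() {
    rc=0
    # Same command as the one-line script, but keep certbot's exit code.
    "$CERTBOT" renew --standalone \
        --pre-hook "$SERVICE nginx stop" \
        --post-hook "$SERVICE nginx start" || rc=$?

    # Safety net: if the run died between the two hooks, nginx may still be
    # stopped. Check its status and start it again if needed.
    if ! "$SERVICE" nginx status >/dev/null 2>&1; then
        echo "certbot-renew: nginx not running after renewal, starting it" >&2
        "$SERVICE" nginx start || rc=1
    fi

    # Report the failure on stderr and through the exit code.
    [ "$rc" -eq 0 ] || echo "certbot-renew: renewal failed (exit $rc)" >&2
    return "$rc"
}

# Run only when executed under the installed name, not when sourced.
case "$0" in
    */certbot-renew) renew_and_verify ;;
esac
```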