This is a quick and easy one.
- An Alpine Linux container
- An internet connection
apk add nginx rc-update add nginx default rc-service nginx start
Config file is located at
service nginx reload to reload the configuration after editing it.
Currently certbot only lives in the community repository. You can find out which repo a package is in by looking at the Alpine Packages website. You’ll need to add the community repository by editing
/etc/apk/repositories and adding the following line:
Note that this is for version 3.4. You may have to update the version number
After editing your repositories you need to update them and install certbot.
apk update && apk upgrade apk add certbot@community
Adding a new cert
Certificates can be added with certbot using the wizard. Don’t forget to stop any instances of nginx first!
Updating certs automatically
Let’s Encrypt certs only last 3 months. This is by design. One of the beautiful parts of Let’s Encrypt is that we can update the certs automatically. I have created a script in
etc/periodic/weekly to update my scripts. It only has one line:
/usr/bin/certbot renew --standalone --pre-hook "service nginx stop" --post-hook "service nginx start"
Don’t forget to make this script executable!
This script is run by cron on a weekly basis. It automatically stops nginx before it starts and starts it back up when it’s finished.