Use certbot to manage my letscrypt certs

Manage certs via the letscrypt cert bot (via a docker-compose image)
which is able to be executed each time we want to update the certs

4 files changed, 31 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..db2fc0d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+secrets
diff --git a/README.txt b/README.txt
new file mode 100644
index 0000000..4320b1f
--- /dev/null
+++ b/README.txt
@@ -0,0 +1,4 @@
+certbot
+-------
+
+My certbot docker-compose setup to manage my letscrypt certs
diff --git a/cron-renew-certs.sh b/cron-renew-certs.sh
new file mode 100755
index 0000000..bfb7401
--- /dev/null
+++ b/cron-renew-certs.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+set -ex
+echo "Updating certs"
+cd /home/bill/apps/certbot
+docker-compose -f /home/bill/apps/certbot/docker-compose.yml run certbot
+
+
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..3142b8e
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,19 @@
+version: '3'
+services:
+  certbot:
+    image: certbot/dns-route53
+    environment:
+      - AWS_CONFIG_FILE=/secrets/aws_creds
+    volumes:
+      - "${PWD}/secrets:/secrets/aws_creds"
+      - "/etc/letsencrypt/certs:/etc/letsencrypt"
+    command: |
+      certonly
+      -n
+      --agree-tos
+      -m admin@senders.io
+      --dns-route53
+      --dns-route53-propagation-seconds 30
+      --cert-name senders.io
+      -d senders.io,monitor.senders.io,files.senders.io
+