✨ Add Container cerbot/letsencrypt (#21) (#114)

Author: guiyomh

Makefile

@@ -20,7 +20,7 @@ php:       webdevops/php webdevops/php-apache webdevops/php-nginx
 php-dev:   webdevops/php-dev webdevops/php-apache-dev webdevops/php-nginx-dev
 hhvm:      webdevops/hhvm webdevops/hhvm-apache webdevops/hhvm-nginx
 
-web:       webdevops/apache webdevops/apache-dev webdevops/nginx webdevops/nginx-dev webdevops/varnish
+web:       webdevops/apache webdevops/apache-dev webdevops/nginx webdevops/nginx-dev webdevops/varnish webdevops/certbot
 
 applications: webdevops/typo3 webdevops/piwik
 
@@ -165,3 +165,6 @@ webdevops/sphinx:
 
 webdevops/varnish:
 	bash bin/build.sh varnish "${DOCKER_REPOSITORY}/varnish" "${DOCKER_TAG_LATEST}"
+
+webdevops/certbot:
+	bash bin/build.sh certbot "${DOCKER_REPOSITORY}/certbot" "${DOCKER_TAG_LATEST}"

bin/provision.sh

@@ -426,4 +426,10 @@ function header() {
     deployConfiguration samson-deployment/general        samson-deployment 'latest'
 }
 
+## Build cerbot
+[[ $(checkBuildTarget certbot) ]] && {
+    header "certbot"
+}
+
+
 exit 0

docker/certbot/README.md

@@ -0,0 +1,44 @@
+# Certbot container layout
+
+Automated build and tested by [WebDevOps Build Server](https://build.webdevops.io/)
+
+## Environment variables
+
+Variable               | Description
+---------------------- | ------------------------------------------------------------------------------
+`CERTBOT_EMAIL`        | Email of sysadmin
+`CERTBOT_DOMAIN`       | Registered dns or public ip
+
+## USAGE
+
+To create or renew existing certificate
+```bash
+docker run -ti --rm \
+           -v /etc/letsencrypt:/etc/letsencrypt \
+           -v /your/document_root:/var/www \
+        webdevops/certbot /usr/bin/certbot certonly \
+	    --agree-tos \
+	    --webroot \
+	    -w /var/www
+	    -d webdevops.io \
+	    -m "[email protected]"
+```
+See [commandline options](https://certbot.eff.org/docs/using.html#command-line-options)
+
+## Template a cronjob to reissue the certificate
+
+Create a file **/etc/cron.monthly/reissue**
+```bash
+#!/bin/sh
+set -euo pipefail
+# Certificate reissue
+
+docker run -ti --rm \
+           -v /etc/letsencrypt:/etc/letsencrypt \
+           -v /your/document_root:/var/www \
+       webdevops/certbot /usr/bin/certbot renew
+
+ ```
+make file executable : chmod +x /etc/cron.monthly/reissue
+
+see [Renewal](https://certbot.eff.org/docs/using.html#renewal)

docker/certbot/latest/Dockerfile

@@ -0,0 +1,17 @@
+#+++++++++++++++++++++++++++++++++++++++
+# Dockerfile for webdevops/certbot:latest
+#    -- automatically generated  --
+#+++++++++++++++++++++++++++++++++++++++
+
+FROM webdevops/bootstrap:alpine-3
+
+MAINTAINER [email protected]
+LABEL vendor=WebDevOps.io
+LABEL io.webdevops.layout=8
+LABEL io.webdevops.version=0.53.2
+
+VOLUME /etc/letsencrypt
+VOLUME /var/www
+
+RUN /usr/local/bin/apk-install \
+        certbot

docker/certbot/latest/Dockerfile.jinja2

@@ -0,0 +1,8 @@
+{{ docker.from("bootstrap","alpine-3") }}
+
+{{ docker.version() }}
+
+{{ docker.volume('/etc/letsencrypt') }}
+{{ docker.volume('/var/www') }}
+
+{{ certbot.alpine() }}

template/Dockerfile/images/certbot.jinja2

@@ -0,0 +1,11 @@
+{% import 'Dockerfile/provision.jinja2' as provision %}
+
+{% macro env() -%}
+ENV CERTBOT_EMAIL  ""
+ENV CERTBOT_DOMAIN  ""
+{%- endmacro %}
+
+{% macro alpine() -%}
+RUN /usr/local/bin/apk-install \
+        certbot
+{%- endmacro %}

template/Dockerfile/layout.jinja2

@@ -21,6 +21,7 @@
 {% import 'Dockerfile/images/vsftp.jinja2'              as vsftp %}
 {% import 'Dockerfile/images/samson-deployment.jinja2'  as samsonDeployment %}
 {% import 'Dockerfile/images/varnish.jinja2'            as varnish %}
+{% import 'Dockerfile/images/certbot.jinja2'            as certbot %}
 #+++++++++++++++++++++++++++++++++++++++
 # Dockerfile for webdevops/{{ Dockerfile.image }}:{{ Dockerfile.tag }}
 #    -- automatically generated  --

test/Makefile

@@ -74,3 +74,6 @@ varnish:
 
 sphinx:
 	bash ./run.sh sphinx
+
+certbot:
+	bash ./run.sh certbot

test/run.sh

@@ -964,6 +964,20 @@ ENV VARNISH_BACKEND_HOST \"google.com\"
     waitForTestRun
 }
 
+#######################################
+# webdevops/certbot
+#######################################
+
+[[ $(checkTestTarget certbot) ]] && {
+    setupTestEnvironment "certbot"
+
+    # setSpecTest "base"
+    setEnvironmentOsFamily "alpine"
+
+    OS_VERSION="3" runTestForTag "latest"
+
+    waitForTestRun
+}
 
 echo ""
 echo " >>> finished, all tests PASSED <<<"

test/spec/collection/certbot.rb

@@ -0,0 +1,4 @@
+shared_examples 'collection::certbot' do
+    include_examples 'misc::letsencrypt'
+    include_examples 'certbot::layout'
+end