PropertyDeployment/domain-name/docker-compose.yml
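# Three services cooperate to obtain and serve Let's Encrypt certificates:
# a port-80 Nginx, a port-443 Nginx, and a certbot container. All three
# share the certbot-www (webroot) and certbot-conf (/etc/letsencrypt) volumes.
services:
  # Nginx that listens on port 80 only. It mounts the certbot webroot, so it
  # presumably answers the HTTP-01 challenge -- confirm against ./apply.
  nginx-apply:
    build: ./apply
    container_name: nginx_cert_apply
    ports:
      - "80:80"
    volumes:
      - certbot-www:/var/www/certbot
      # NOTE(review): /etc/letsencrypt holds certificate private keys and is
      # mounted read-write here. If ./apply never reads it, drop the mount;
      # otherwise consider a read-only mount.
      - certbot-conf:/etc/letsencrypt
      - apply-nginx-log:/var/log/nginx
    restart: unless-stopped
    networks:
      - anfioonet
    logging:
      driver: "json-file"
      options:
        max-size: "100m"
        max-file: "3"

  # Full HTTPS Nginx (TLS terminator on port 443).
  # NOTE(review): unlike nginx-apply, this service has no restart policy, so
  # it stays down after a crash or host reboot -- confirm that is intended.
  nginx-domain-proxy:
    build: ./domain-proxy
    container_name: nginx-domain-proxy
    ports:
      - "443:443"
    volumes:
      - certbot-www:/var/www/certbot
      # NOTE(review): Nginx only needs to read the certificates; consider a
      # read-only mount unless ./domain-proxy writes to this path.
      - certbot-conf:/etc/letsencrypt
      # Log mount.
      - proxy-nginx-log:/var/log/nginx
    networks:
      - anfioonet
    # depends_on only orders container start; it does not wait for a
    # certificate to exist.
    depends_on:
      - nginx-apply
      - certbot
    logging:
      driver: "json-file"
      options:
        max-size: "100m"
        max-file: "3"

  # Requests the certificate on first start, then loops running renewals.
  certbot:
    # NOTE(review): ':latest' is a mutable tag, so a rebuild can silently pull
    # a different image into the container that holds the ACME account key and
    # certificate private keys. Pin a reviewed version tag or image digest.
    image: certbot/certbot:latest
    container_name: certbot_apply
    volumes:
      - certbot-www:/var/www/certbot
      - certbot-conf:/etc/letsencrypt
    depends_on:
      - nginx-apply
    # These values reach the script below through the container environment.
    environment:
      - DOMAIN_MAIN=${DOMAIN_MAIN}
      - DOMAIN_1=${DOMAIN_1}
      - DOMAIN_2=${DOMAIN_2}
      - DOMAIN_3=${DOMAIN_3}
      - DOMAIN_4=${DOMAIN_4}
      - APPLY_EMAIL=${APPLY_EMAIL}
    # Every '$' in the script is written '$$' so that Compose passes it through
    # and the shell expands it at run time from the environment above. With a
    # single '$', Compose splices the raw .env values into the script text
    # before the shell parses it, so whitespace or shell metacharacters in a
    # value would change the command. Expansions are also double-quoted.
    #
    # NOTE(review): the first-run check looks for live/<DOMAIN_MAIN>, but
    # certbot names the lineage after the first -d value (DOMAIN_1) unless
    # --cert-name is given. If the two differ, the directory never appears
    # and 'certonly' runs on every container start -- confirm they match.
    #
    # NOTE(review): all four DOMAIN_n values must be non-empty; an empty one
    # leaves a '-d' with no usable argument.
    #
    # NOTE(review): the deploy hook runs inside this container. Nothing in
    # this file provides a Docker CLI or daemon socket here, so the
    # 'docker exec' reload likely fails and Nginx keeps serving the old
    # certificate until restarted -- confirm. Mounting /var/run/docker.sock
    # into this container is not a good fix: it hands control of the Docker
    # daemon to the container. A periodic 'nginx -s reload' inside
    # nginx-domain-proxy avoids that.
    #
    # NOTE(review): certbot renews only when a certificate is close to expiry,
    # so a 30-day interval leaves little or no retry margin if one attempt
    # fails. Certbot's documentation recommends running 'renew' about twice
    # a day.
    entrypoint:
      - "/bin/sh"
      - "-c"
      - |
        # First-time certificate request
        if [ ! -d "/etc/letsencrypt/live/$${DOMAIN_MAIN}" ]; then
          echo "初次申请证书..."
          certbot certonly \
            --webroot -w /var/www/certbot \
            -d "$${DOMAIN_1}" -d "$${DOMAIN_2}" -d "$${DOMAIN_3}" -d "$${DOMAIN_4}" \
            --email "$${APPLY_EMAIL}" --agree-tos --no-eff-email --non-interactive
        fi
        echo "启动每月检查续期循环..."
        while true; do
          certbot renew \
            --webroot -w /var/www/certbot \
            --quiet \
            --deploy-hook "docker exec nginx-domain-proxy nginx -s reload"
          echo "证书续期检查完成等待30天..."
          sleep $$((30*24*60*60))  # check once every 30 days
        done
    logging:
      driver: "json-file"
      options:
        max-size: "100m"
        max-file: "3"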
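# Named volumes backed by bind mounts under the host directory ${SSL_USE}.
# The ':?' form makes Compose stop with an error when SSL_USE is unset or
# empty; without it the device paths collapse to '/certbot-www',
# '/certbot-conf', ... at the host root.
volumes:
  # Webroot shared by certbot and both Nginx containers.
  certbot-www:
    driver: local
    driver_opts:
      type: none
      device: "${SSL_USE:?set SSL_USE to the host data directory}/certbot-www"
      o: bind

  # Mounted at /etc/letsencrypt, where certbot keeps its account key and the
  # certificate private keys. Keep this host directory readable by root only.
  certbot-conf:
    driver: local
    driver_opts:
      type: none
      device: "${SSL_USE:?set SSL_USE to the host data directory}/certbot-conf"
      o: bind

  # Logs of the port-80 Nginx.
  apply-nginx-log:
    driver: local
    driver_opts:
      type: none
      device: "${SSL_USE:?set SSL_USE to the host data directory}/apply-nginx-log"
      o: bind

  # Logs of the HTTPS Nginx.
  proxy-nginx-log:
    driver: local
    driver_opts:
      type: none
      device: "${SSL_USE:?set SSL_USE to the host data directory}/proxy-nginx-log"
      o: bind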
# Pre-existing network joined by both Nginx services. Because it is marked
# external, Compose does not create it: it must exist before 'up'.
networks:
  anfioonet:
    external: true
    name: anfioonet