Add LetsEncrypt certificats

Elastic-Suite · Sep 11, 2024 · 6d89379 · 6d89379
1 parent f0130e9
commit 6d89379
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 13 deletions.
diff --git a/.github/workflows/deploy-int.yml b/.github/workflows/deploy-int.yml
@@ -78,6 +78,5 @@ jobs:
             docker compose run --rm php composer config repositories.gally-premium composer $PACKAGIST_URL &&
             docker compose run --rm -e COMPOSER_AUTH='$COMPOSER_AUTH' php composer require \"gally/gally-standard:${{ env.composer_version }} as ${{ inputs.last_published_version }}\" &&
             docker compose run --rm -e COMPOSER_AUTH='$COMPOSER_AUTH' php composer require \"gally/gally-premium:${{ env.composer_version }}\" &&
-            [ -z ${MEDIA_URL} ] || echo -e \"gally:\n  base_url:\n    media: '$MEDIA_URL'\" > api/config/packages/gally_configuration.yaml &&
-            SERVER_NAME=$HOSTNAME API_ROUTE_PREFIX=api APP_SECRET=$APP_SECRET POSTGRES_PASSWORD=$POSTGRES_PASSWORD COMPOSER_AUTH='$COMPOSER_AUTH' docker compose -f compose.yml -f compose.int.yml up -d --build
+            GALLY_CATALOG_MEDIA_URL=${MEDIA_URL} SERVER_NAME=$HOSTNAME API_ROUTE_PREFIX=api APP_SECRET=$APP_SECRET POSTGRES_PASSWORD=$POSTGRES_PASSWORD COMPOSER_AUTH='$COMPOSER_AUTH' docker compose -f compose.yml -f compose.int.yml up -d --build
           "
diff --git a/compose.override.yaml b/compose.override.yaml
@@ -1,5 +1,10 @@
 # Development environment override
 services:
+
+  certbot: # Disable certbot for local env
+    image: busybox
+    command: /bin/true 
+
   router:
     volumes:
       - ./api/public:/app/public

diff --git a/compose.yml b/compose.yml
@@ -12,6 +12,18 @@ services:
       - SERVER_NAME=${SERVER_NAME:-gally.localhost}
       - API_SERVER_NAME=${API_SERVER_NAME:-api.gally.localhost}
       - BACKEND_UPSTREAM=varnish:80
+
+  certbot:
+    image: certbot/certbot
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do sleep 6h & wait; certbot renew; done;'"
+    command: certonly --webroot --webroot-path=/var/www/certbot --non-interactive --agree-tos --register-unsafely-without-email --agree-tos --no-eff-email -d $CERTBOT_DOMAINS
+    volumes:
+      - ./docker/certs:/etc/letsencrypt 
+      - ./docker/certs/www:/var/www/certbot 
+    environment:
+      - CERTBOT_DOMAINS=${SERVER_NAME:-gally.localhost},${API_SERVER_NAME:-api.gally.localhost}
+    depends_on:
+      - nginx
 
   varnish:
     build:
@@ -84,17 +96,6 @@ services:
       interval: 10s
       timeout: 5s
       retries: 20
-
-
-#  certbot:
-#    image: certbot/certbot
-#    entrypoint: "/bin/sh -c 'if [ \"${ENVIRONMENT}\" = \"local\" ]; then sleep infinity; else certbot certonly --webroot --webroot-path=/var/www/certbot -d YOUR_DOMAIN_HERE --non-interactive --agree-tos --register-unsafely-without-email; fi'"
-#    volumes:
-#      - ./docker/certs:/etc/letsencrypt
-#      - ./docker/certbot/www:/var/www/certbot
-#    environment:
-#      - ENVIRONMENT=${ENVIRONMENT:-local}
-#      - CERTBOT_DOMAIN=${DOMAIN:-your-generated-domain}
 
   ###> doctrine/doctrine-bundle ###
   database: