From 7f300261f26f8ebad5fa1b502f88d5b203714ec9 Mon Sep 17 00:00:00 2001
From: kev <vimagick@gmail.com>
Date: Fri, 29 Jul 2016 14:51:39 +0800
Subject: [PATCH] rename letsencrypt to certbot

---
 README.md                          |  2 +-
 {letsencrypt => certbot}/README.md | 32 ++++++++++++++++++++----------
 certbot/docker-compose.yml         |  9 +++++++++
 letsencrypt/docker-compose.yml     |  9 ---------
 4 files changed, 32 insertions(+), 20 deletions(-)
 rename {letsencrypt => certbot}/README.md (68%)
 create mode 100644 certbot/docker-compose.yml
 delete mode 100644 letsencrypt/docker-compose.yml

diff --git a/README.md b/README.md
index 124ca86..5335184 100644
--- a/README.md
+++ b/README.md
@@ -209,6 +209,7 @@ A collection of delicious docker recipes.
 ## 3rd-party
 
 - [x] centurylink/watchtower
+- [x] certbot
 - [x] drone/drone
 - [x] drupal
 - [x] ghost
@@ -223,7 +224,6 @@ A collection of delicious docker recipes.
 - [x] jazzdd/phpvirtualbox
 - [x] jenkins
 - [x] jupyter/notebook
-- [x] letsencrypt
 - [x] mongo
 - [x] neo4j
 - [x] owncloud
diff --git a/letsencrypt/README.md b/certbot/README.md
similarity index 68%
rename from letsencrypt/README.md
rename to certbot/README.md
index b8c8eb7..86cc398 100644
--- a/letsencrypt/README.md
+++ b/certbot/README.md
@@ -1,5 +1,5 @@
-letsencrypt
-===========
+certbot
+=======
 
 [Let’s Encrypt][1] is a new Certificate Authority:
 It’s free, automated, and open.
@@ -7,15 +7,15 @@ It’s free, automated, and open.
 ## docker-compose.yml
 
 ```
-letsencrypt:
+certbot:
   image: quay.io/letsencrypt/letsencrypt
-  command: auth
+  command: certonly --standalone
   ports:
     - "80:80"
     - "443:443"
   volumes:
-    - "./etc/letsencrypt:/etc/letsencrypt"
-    - "./var/lib/letsencrypt:/var/lib/letsencrypt"
+    - /etc/letsencrypt:/etc/letsencrypt
+    - /var/lib/letsencrypt:/var/lib/letsencrypt
 ```
 
 ## up and running
@@ -24,15 +24,27 @@ letsencrypt:
 # stop nginx (release 80/tcp and 443/tcp)
 $ systemctl stop nginx
 
-# generate keys
-$ docker-compose run --rm --service-ports letsencrypt
+# generate keys (interactive)
+$ docker-compose run --rm --service-ports certbot
 >>> email: admin@easypi.info
 >>> domains: easypi.info,blog.easypi.info,wiki.easypi.info
 
+# renew keys (headless)
+$ docker-compose run --rm --service-ports certbot renew
+
+# list keys
+$ tree /etc/letsencrypt/live/
+/etc/letsencrypt/live/
+└── easypi.info
+    ├── cert.pem -> ../../archive/easypi.info/cert1.pem
+    ├── chain.pem -> ../../archive/easypi.info/chain1.pem
+    ├── fullchain.pem -> ../../archive/easypi.info/fullchain1.pem
+    └── privkey.pem -> ../../archive/easypi.info/privkey1.pem
+
 # deploy keys
 $ mkdir -p /etc/nginx/ssl/
-$ cp ./etc/letsencrypt/live/easypi.info/fullchain.pem /etc/nginx/ssl/easypi.info.crt
-$ cp ./etc/letsencrypt/live/easypi.info/privkey.pem /etc/nginx/ssl/easypi.info.key
+$ cp /etc/letsencrypt/live/easypi.info/fullchain.pem /etc/nginx/ssl/easypi.info.crt
+$ cp /etc/letsencrypt/live/easypi.info/privkey.pem /etc/nginx/ssl/easypi.info.key
 
 # reconfig nginx
 $ vi /etc/nginx/sites-enabled/default
diff --git a/certbot/docker-compose.yml b/certbot/docker-compose.yml
new file mode 100644
index 0000000..00dc8a7
--- /dev/null
+++ b/certbot/docker-compose.yml
@@ -0,0 +1,9 @@
+certbot:
+  image: quay.io/letsencrypt/letsencrypt
+  command: certonly --standalone
+  ports:
+    - "80:80"
+    - "443:443"
+  volumes:
+    - /etc/letsencrypt:/etc/letsencrypt
+    - /var/lib/letsencrypt:/var/lib/letsencrypt
diff --git a/letsencrypt/docker-compose.yml b/letsencrypt/docker-compose.yml
deleted file mode 100644
index efb6ef5..0000000
--- a/letsencrypt/docker-compose.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-letsencrypt:
-  image: quay.io/letsencrypt/letsencrypt
-  command: auth
-  ports:
-    - "80:80"
-    - "443:443"
-  volumes:
-    - "./etc/letsencrypt:/etc/letsencrypt"
-    - "./var/lib/letsencrypt:/var/lib/letsencrypt"