Merge branch 'doc/letsencrypt' into 'dev'

doc/server.md: Add info on Let's encrypt to avoid copying certificates See merge request !827

Merge branch 'doc/letsencrypt' into 'dev'
doc/server.md: Add info on Let's encrypt to avoid copying certificates See merge request !827
cf0256d2 · Mikaël Salson · e805f259 · 01192e21 · cf0256d2
Commit cf0256d2 authored Oct 12, 2020 by Mikaël Salson
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

doc/server.md doc/server.md +2 -0

No files found.
--- a/doc/server.md
+++ b/doc/server.md
@@ -185,6 +185,8 @@ You can achieve this with the following steps:
    cp /etc/letsencrypt/live/vdd.vidjil.org/privkey.pem vidjil-client/ssl/web2py.key
    ```
    The certificates can be renewed with `certbot renew` but beware to copy the certificates after that.
+    Instead of copying the certificates, you may wish to mount `/etc/letsencrypt` in the Docker image as a volume (*eg.* `/etc/letsencrypt:/etc/nginx/ssl`).
+    On certificate renewal (with `certbot`), you then need to restart the Nginx server.
    
 If necessary, in `docker-compose.yml`, update `nginx.volumes`, line `./vidjil-client/ssl:/etc/nginx/ssl`, to set the directory with the certificates.
    The same can be done for the `postfix` container.