loading

The perfect choice of one-stop service for diversification of architecture.

Ghost Blog with Automagic Lets Encrypt SSL/TLS Certificate Renewal

I dont know about you. But I struggled a little bit setting Lets Encrypt up last time. Although I may sound so effortless in my earlier post I knew Im going to hate doing it again next time when the license expires.

Ghost Blog with Automagic Lets Encrypt SSL/TLS Certificate Renewal 1

I decided to find a more elegant solution to this. The awesome open source communities on Github have almost everything you need, and this time is no excpetion. I found this amazing repo that provisions SSL/TLS certificate with Lets Encrypt automagically before it expires, so I can sleep well knowing my viewers will have all times!

In this post, I would love to walk you through some steps getting it up and running :DDocker ComposeThe first tool we need is docker-compose. So what the hell is it? Ideally each docker container should run only 1 service, in our case Ghost.

But when things get complicated, say, we need another reverse proxy, a DB and so on. Instead of putting all services into 1 container we will have multiple images and containers. Well, again, the awesome Docker community has docker-compose to help with this kind of situation.

So let's install it on your Google Compute Engine or any other computational instance you might have :DTo install, Docker has this amazing documentation to follow through!We will be using it to install the services we need for SSL/TLS Certificate automation. Savvy?

Ghost Blog with Automagic Lets Encrypt SSL/TLS Certificate Renewal 2

Composing DockerOkay, assuming the installation went well (if not, hit me up on Twitter). We should be good to start composing containers needed forGhost blogReverse ProxySSL/TLS Certificate automationall in separate containers but working together, so cool! Docker Compose takes in a new kind of definition file thats usually named docker-compose.

yaml. I will try to explain the logic in the provided file.As you can see, 3 services are being defined hereghostnginx-proxyletsencrypt-nginx-proxy-companionEach service has its own image, tag and configurations almost like Dockerfile.

Even better, the dependency is also described in the file, like in line 1617links: - ghostThis tells docker compose the nginx-proxy reverse proxy is dependent on ghost, so it specifies the order of service startup. To explain whats going on in the docker-compose more fully we could envision the following flowletsencrypt-nginx-proxy-companion provisions TLS/SSL certificate and uses volumes_from: to share needed files with the nginx-proxy service.nginx-proxy takes the certificate files, and construct the needed nginx.

conf file for nginx. The nginx server will be used for validation and challenges from the CA. And, most importantly, the SSL/TLS termination.

ghost service specified with the Let's Encrypt environment variables starts up and is set to be proxied.Start It UpIn the same directory that contains docker-compose. yaml you may simply do sudo docker-compose up -d to start everything, and that's all you need to do.

You will see the images getting downloaded and containers created, then executed automaticallyThe first startup will take a while as CA (Lets Encrypt) will send some challenges to nginx-proxy for validation. The README file for the repo explains what's behind the hood in full details. Once the validation succeeded, you should be good to go and not worrying about TLS/SSL expiration.

After all, its approaching the end of 2017 and we are running out of excuses not having your site :DConclusionI had a fun time getting the docker-compose file to work well as many things are not documented. Hopefully this walk through provides a bit of clarity on how to set up this powerful combo for your site. Let me know if you have any more thoughts!

Cheers!Originally published at steven.news on November 5, 2017 RELATED QUESTION Is still used in German?

My German teacher told me they no longer use it, and have 'ss' instead, so I wanted to confirm the validity of that statement. Your teacher is wrong.While the was abandoned in Swiss orthography and a German reform in 1996 simplified (and reduced) its use, it is definitely still widely used and required.

Specifically, the is used for aVoiceless alveolar fricativesound after a long vowel or diphtong. After a short vowel, ss is used.In some cases this can be relevant to distinguish meaning, for example:Ich esse Bonbons in Maen means I eat candies in moderation, whereas Ich esse Bonbons in Massen means theexact opposite,namely I eat candies galore.

GET IN TOUCH WITH Us
recommended articles
Related Blogs blog
Problems of Phased Array Ground Penetrating Radar Detection System
Although GPR has been widely used in hydrology, engineering, environment and other fields, many basic theoretical and technical problems have not been fundamentally ...
Suggestions for Journaling, Bullet Notes, Activity, Wiki Like Application
So I am thinking of a possible answer to my own question:Build my own journal note entry app linked to a wiki.Zim Wiki uses a file based system for wiki. Maybe I cou...
How Many NCAA Football Bowls Are There?
About 8 I think1. where can i get ncaa football 10 rosters with names?For the last two years I got mine from "Pastapadre". From what i can tell they are really prett...
What Is the Name of a Horror Movie with an Eye Falling in a Cocktail Glass?
The Haunting I vaguely remember some kind of eye injury in the movie.• Other Related Knowledge ofa cocktail glass— â€&...
Automotive Backup Camera Systems, Backup Hub
rsync can be somewhat painful if you have a very large number of files - especially if your rsync version is lower than 3. On the other hand: if you use tar, you wou...
Blockchain Technology Explained: Powering Bitcoin
Blockchain Technology Explained: Powering BitcoinMicrosoft recently became the latest big name to officially associate with Bitcoin, the decentralized virtual curren...
PLEASE HELP ME CHOOSE a VIDEO CAMERA!?
PLEASE HELP ME CHOOSE A VIDEO CAMERA!?the Flip ultra HD is a really good HD portable camcorder, and it's fairly cheap. A lot of famous youtubers use it, such as timo...
The National Key R & D Plan Launched the Key Project of "key Technologies and Demonstration of Inter
In order to implement the tasks proposed in the outline of the national medium and long term science and technology development plan (2006-2020), the national key R ...
Alibaba Goes to War! Smart Home Battlefield Adds Another Giant
Alibaba group and Royal Philips of the Netherlands announced that they have officially signed an IT infrastructure service framework agreement to jointly promote the...
Looking for Software to Monitor Installations
but it seems the company has disappeared and you can only get it from other sites such as Canadian Content.It works on Windows 7 and due to the nature of the OSes, t...
no data
Customer service
detect