Ghost Blog with Automagic Lets Encrypt SSL/TLS Certificate Renewal

I dont know about you. But I struggled a little bit setting Lets Encrypt up last time. Although I may sound so effortless in my earlier post I knew Im going to hate doing it again next time when the license expires.

I decided to find a more elegant solution to this. The awesome open source communities on Github have almost everything you need, and this time is no excpetion. I found this amazing repo that provisions SSL/TLS certificate with Lets Encrypt automagically before it expires, so I can sleep well knowing my viewers will have all times!

In this post, I would love to walk you through some steps getting it up and running :DDocker ComposeThe first tool we need is docker-compose. So what the hell is it? Ideally each docker container should run only 1 service, in our case Ghost.

But when things get complicated, say, we need another reverse proxy, a DB and so on. Instead of putting all services into 1 container we will have multiple images and containers. Well, again, the awesome Docker community has docker-compose to help with this kind of situation.

So let's install it on your Google Compute Engine or any other computational instance you might have :DTo install, Docker has this amazing documentation to follow through!We will be using it to install the services we need for SSL/TLS Certificate automation. Savvy?

Composing DockerOkay, assuming the installation went well (if not, hit me up on Twitter). We should be good to start composing containers needed forGhost blogReverse ProxySSL/TLS Certificate automationall in separate containers but working together, so cool! Docker Compose takes in a new kind of definition file thats usually named docker-compose.

yaml. I will try to explain the logic in the provided file.As you can see, 3 services are being defined hereghostnginx-proxyletsencrypt-nginx-proxy-companionEach service has its own image, tag and configurations almost like Dockerfile.

Even better, the dependency is also described in the file, like in line 1617links: - ghostThis tells docker compose the nginx-proxy reverse proxy is dependent on ghost, so it specifies the order of service startup. To explain whats going on in the docker-compose more fully we could envision the following flowletsencrypt-nginx-proxy-companion provisions TLS/SSL certificate and uses volumes_from: to share needed files with the nginx-proxy service.nginx-proxy takes the certificate files, and construct the needed nginx.

conf file for nginx. The nginx server will be used for validation and challenges from the CA. And, most importantly, the SSL/TLS termination.

ghost service specified with the Let's Encrypt environment variables starts up and is set to be proxied.Start It UpIn the same directory that contains docker-compose. yaml you may simply do sudo docker-compose up -d to start everything, and that's all you need to do.

You will see the images getting downloaded and containers created, then executed automaticallyThe first startup will take a while as CA (Lets Encrypt) will send some challenges to nginx-proxy for validation. The README file for the repo explains what's behind the hood in full details. Once the validation succeeded, you should be good to go and not worrying about TLS/SSL expiration.

After all, its approaching the end of 2017 and we are running out of excuses not having your site :DConclusionI had a fun time getting the docker-compose file to work well as many things are not documented. Hopefully this walk through provides a bit of clarity on how to set up this powerful combo for your site. Let me know if you have any more thoughts!

Cheers!Originally published at steven.news on November 5, 2017 RELATED QUESTION Is still used in German?

My German teacher told me they no longer use it, and have 'ss' instead, so I wanted to confirm the validity of that statement. Your teacher is wrong.While the was abandoned in Swiss orthography and a German reform in 1996 simplified (and reduced) its use, it is definitely still widely used and required.

Specifically, the is used for aVoiceless alveolar fricativesound after a long vowel or diphtong. After a short vowel, ss is used.In some cases this can be relevant to distinguish meaning, for example:Ich esse Bonbons in Maen means I eat candies in moderation, whereas Ich esse Bonbons in Massen means theexact opposite,namely I eat candies galore.