Use traefik letsencrypt certificate #15

@cdauth

I have a traefik reverse proxy running that is generating letsencrypt certificates for me, and I want the murmur server to use these. It would be great if this docker image had built-in support for that (like for example mailserver2/mailserver has).

Here I want to share with you my manual setup, for anyone who wants to do the same.

Manual setup

murmur.ini

sslCert=/ssl/fullchain-reverse.pem
sslKey=/ssl/key.pem

cert.sh

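#!/bin/sh
set -e

# jq parses acme.json; inotify-tools provides inotifywait.
apk add --no-cache jq inotify-tools

while true; do
    # Extract the base64-encoded certificate chain and private key stored for $CERT_DOMAIN.
    jq -er --arg domain "$CERT_DOMAIN" '.letsencrypt.Certificates[] | select (.domain.main == $domain ) | .certificate' /traefik/acme.json | base64 -d > /ssl/fullchain-reverse.pem
    jq -er --arg domain "$CERT_DOMAIN" '.letsencrypt.Certificates[] | select (.domain.main == $domain ) | .key' /traefik/acme.json | base64 -d > /ssl/key.pem
    # Send SIGUSR1 so murmur picks up the new files; ignore failure if the container is not running.
    docker kill --signal=SIGUSR1 "$MURMUR_CONTAINER" || true

    # Block until acme.json is modified; if inotifywait fails, retry after an hour.
    inotifywait -e modify /traefik/acme.json || sleep 3600
done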

docker-compose.yml

services:
    murmur:
        image: mattikus/murmur
        ports:
            - 64738:64738
            - 64738:64738/udp
        volumes:
            - /srv/data/murmur:/data
            - ./murmur.ini:/etc/murmur.ini:ro
            - /srv/data/murmur/ssl:/ssl:ro
        restart: on-failure

    web:
        image: rankenstein/mumble-web
        environment:
            MUMBLE_SERVER: murmur:64738
        links:
            - murmur
        restart: on-failure
        labels:
            traefik.enable: "true"
            traefik.http.routers.mumble.rule: Host(`mumble.rankenste.in`)
            traefik.http.routers.mumble.tls.certresolver: letsencrypt

    cert:
        image: docker
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock
            - /srv/data/traefik/data:/traefik:ro
            - ./cert.sh:/cert.sh:ro
            - /srv/data/murmur/ssl:/ssl
        environment:
            MURMUR_CONTAINER: murmur_murmur_1
            CERT_DOMAIN: mumble.rankenste.in
        command: /cert.sh
        restart: on-failure

networks:
    default:
        enable_ipv6: true
        ipam:
            config:
                - subnet: fda3:f214:88c1:db82::/64
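
A hardened write step for the loop in cert.sh, as an added example that is not part of the original post: because a pipeline's exit status is that of `base64`, a failed `jq` lookup in the original truncates the PEM file to empty before murmur is signalled. `install_pem`, `extract` and `sync_certs` are hypothetical helper names, and the file modes are assumptions that must match the user murmur runs as.

```shell
# Added example, not the issue author's script; helper names are hypothetical.
# install_pem DEST MODE: read base64 on stdin, install decoded PEM at DEST.
# Returns 0 = replaced, 1 = unchanged, 2 = input rejected (existing file kept).
install_pem() {
    dest=$1
    mode=$2
    # Temp file in the same directory (created 0600) so mv is an atomic rename.
    tmp=$(mktemp "$dest.XXXXXX") || return 2
    if ! base64 -d > "$tmp" 2>/dev/null; then
        rm -f "$tmp"; return 2
    fi
    # A failed jq upstream gives empty stdin: accept only something PEM-shaped.
    if ! head -n 1 "$tmp" | grep -q '^-----BEGIN '; then
        rm -f "$tmp"; return 2
    fi
    if [ -f "$dest" ] && cmp -s "$tmp" "$dest"; then
        rm -f "$tmp"; return 1
    fi
    if chmod "$mode" "$tmp" && mv -f "$tmp" "$dest"; then
        return 0
    fi
    rm -f "$tmp"; return 2
}

# Same jq filter as cert.sh; $1 is the field name (certificate or key).
extract() {
    jq -er --arg domain "$CERT_DOMAIN" --arg field "$1" \
        '.letsencrypt.Certificates[] | select(.domain.main == $domain) | .[$field]' \
        /traefik/acme.json
}

# One pass of the loop body: signal murmur only if a file really changed.
# Modes are assumptions; murmur's user must still be able to read key.pem.
sync_certs() {
    changed=no
    if extract certificate | install_pem /ssl/fullchain-reverse.pem 644; then changed=yes; fi
    if extract key | install_pem /ssl/key.pem 600; then changed=yes; fi
    if [ "$changed" = yes ]; then
        docker kill --signal=SIGUSR1 "$MURMUR_CONTAINER" || true
    fi
}
```

Calling `sync_certs` in place of the two `jq` lines and the `docker kill` line keeps the previous certificate and key on disk whenever the domain is missing from acme.json.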
