This repository was archived by the owner on Aug 21, 2019. It is now read-only.

Add Dockerfile #36

Closed
wants to merge 10 commits into from

@tmaier tmaier commented Jan 15, 2018

Run gitlab-le within a docker container.

After merging this, set up a docker repository like this one: https://hub.docker.com/r/tmaier/gitlab-letsencrypt/

  • login at https://hub.docker.com
  • "Create Automated Build"
  • Configure "Build Settings" --> "Repository Links". Add here node

Use the following command:

docker container run --rm -it tmaier/gitlab-letsencrypt --domain example.com --email [email protected] --repository https://gitlab.com/my/repo --jekyll --path /acme-challenge --token $MY_TOKEN

Schedule a job with GitLab CI:

Note: you need to set GITLAB_TOKEN as variable and you need to enable the Pipeline Schedule

ssl:renew certificate:
  image:
    name: tmaier/gitlab-letsencrypt
    entrypoint: ["/bin/sh", "-c"]
  stage: deploy
  before_script: []
  script: |-
    gitlab-le \
      --domain example.com \
      --email [email protected] \
      --jekyll \
      --path /acme-challenge \
      --production \
      --repository $CI_PROJECT_URL \
      --token $GITLAB_TOKEN
  only:
  - schedules


tmaier commented Jan 15, 2018

The failure of Travis CI is not related to this Pull Request

@tmaier tmaier mentioned this pull request Jan 15, 2018
@axilleas

@tmaier that's great! I followed a similar approach in my .gitlab-ci.yml :) The email can also be added as a secret variable to avoid spam if the project is public.

Can you also add a couple of words in the readme? If this is merged as is, people will not know how to use the Docker image :)


tmaier commented Jan 16, 2018

Hi @axilleas,
you are right. I am updating the README as we speak.

Do you know if there are any constraints on the e-mail address to use for Let's Encrypt?
If there are none, I would go for GITLAB_USER_EMAIL (see https://docs.gitlab.com/ce/ci/variables/README.html)


tmaier commented Jan 16, 2018

Switch to the node user temporarily for npm install and uninstall all build dependencies

tmaier commented Jan 16, 2018

The latest commit reduces the docker image size from 92 MB to 20 MB.

@axilleas axilleas left a comment

@tmaier that's great! I left a couple of comments.

README.markdown Outdated

Add the following variables to your GitLab project: `LETS_ENCRYPT_EMAIL` and your secret `GITLAB_TOKEN`.

Schedule then a new pipeline to run for example every month. See <https://docs.gitlab.com/ce/user/project/pipelines/schedules.html> for details
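
Review bot: the line that introduces `GITLAB_TOKEN` calls it a secret but does not tell the reader how to store it. Suggest saying it should be added as a protected CI/CD variable and that the schedule should target a protected branch, so the token is not exposed to pipelines on other branches. "Schedule then a new pipeline" would also read better as "Then schedule a new pipeline".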

Missing period :)

There is also a [Docker image](https://hub.docker.com/r/rolodato/gitlab-letsencrypt/) available.
This means the Command-line tool can be used without installing all the dependencies required to run the application.

Example:

Can you leave a newline here? :)

Author

What do you mean? I think there is a newline due to the code block following this line

README.markdown Outdated
image:
name: rolodato/gitlab-letsencrypt
entrypoint: ["/bin/sh", "-c"]
stage: deploy
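
Review bot: `name: rolodato/gitlab-letsencrypt` carries no tag or digest, so every scheduled run pulls whatever `latest` points to at that moment, and that image is the one given the project's `GITLAB_TOKEN`. Suggest the README example pin a version tag or digest, and add a one-line comment that `entrypoint: ["/bin/sh", "-c"]` is there to override the image's own entrypoint so the `script:` lines run in a shell.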

This should be run after the site build right? Maybe add a note about the stage naming.

Author

It does not really matter in which stage it runs. I would recommend to add to all other jobs except: [schedules], as the next build will be triggered by gitlab-le anyway

@axilleas

> Do you know if there are any constraints on the e-mail address to use for Let's Encrypt?
> If there are none, I would go for GITLAB_USER_EMAIL

I'm not aware of anything about this. I guess we can use this variable :)

- Remove stage, as it is not relevant
- Recommend to skip all other jobs when scheduled pipeline is running
- Improve formatting of YAML
- Skip cloning the git repository
@rolodato
Owner

Hey, thanks for putting this together! Seems like a great way to solve the automation problem. I'm not sure I'd like to maintain this though, since I am not very familiar with Docker.

If you don't mind, I'd rather keep this on a separate repository (your fork or any other repo would be fine) and I can link to it from the Setup and Automation section of the README. That way it's still available for anyone who is interested. What do you think?

Whalebrew is like Homebrew (Mac), only using Docker instead

See https://github.com/bfirsh/whalebrew

tmaier commented Jan 17, 2018

Hi @rolodato,

normally, I would like to keep it within this repo, as for me Docker support and this kind of integration with GitLab CI belong directly to this repo and the scope of the tool.

But I understand your concern.

If I remove the Dockerfile, shall I keep the changes to the README in this form or another?

Under which circumstances would you be ready to have the Dockerfile inside this repository? For example, do the maintainer labels in the Dockerfile help? Or if there would be contribution guidelines which state that Docker is not supported and that questions on Docker+gitlab-le shall be placed on StackOverflow?

@rolodato
Owner

Hi @tmaier, sorry for the delay getting back to you.

> If I remove the Dockerfile, shall I keep the changes to the README in this form or another?

I would just leave a link to the Dockerfile in the Automation section, wherever it ends up being hosted (your repo or anywhere else is fine).

> Under which circumstances would you be ready to have the Dockerfile inside this repository? For example, do the maintainer labels in the Dockerfile help? Or if there would be contribution guidelines which state that Docker is not supported and that questions on Docker+gitlab-le shall be placed on StackOverflow?

As I mentioned in my previous comment, since I'm not very familiar with Docker in general, I would prefer to leave the Dockerfile for others to maintain. Even if Dockerfiles have some way of defining external maintainers, I would still need to manage pull requests and issues for the Dockerfile if it ends up on this repository.

In short, please publish the Dockerfile yourself, with a README or other instructions if you'd like, and I'd be happy to link them from this repo's README.

Thanks!

@rolodato rolodato closed this Jan 22, 2018