From d6d7be8fa194b42023b9ae1bec1b1b15fee611ce Mon Sep 17 00:00:00 2001 From: winlin Date: Thu, 10 Aug 2023 08:51:01 +0800 Subject: [PATCH] Use LEGO instead of certbot. v1.0.304. --- DEVELOPER.md | 10 +++++----- README.md | 2 +- focal/Dockerfile | 8 +++----- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/DEVELOPER.md b/DEVELOPER.md index f9e184dc..1503cc4a 100644 --- a/DEVELOPER.md +++ b/DEVELOPER.md @@ -471,17 +471,17 @@ The software we depend on: * Redis, `apt-get install -y redis` * Nginx, `apt-get install -y nginx` * SSL: `mgmt/containers/ssl` -* [Certbot](https://github.com/ossrs/srs/issues/2864#lets-encrypt), `docker --name certbot` +* [LEGO](https://github.com/go-acme/lego) * Verify webroot: `mgmt/containers/www/.well-known/acme-challenge/` * Cert files: `mgmt/containers/etc/letsencrypt/live/` -* [SRS](https://github.com/ossrs/srs), `docker --name srs-server` +* [SRS](https://github.com/ossrs/srs) * Config: `mgmt/containers/conf/srs.conf` mount as `/usr/local/srs/conf/lighthouse.conf` * Volume: `mgmt/containers/objs/nginx/html` mount as `/usr/local/srs/objs/nginx/html` -* [srs-hooks](https://github.com/ossrs/srs-cloud/tree/lighthouse/hooks), `docker --name srs-hooks` +* [srs-hooks](https://github.com/ossrs/srs-cloud/tree/lighthouse/hooks) * Volume: `mgmt/containers/objs/nginx/html` mount as `/usr/local/mgmt/containers/objs/nginx/html` -* [tencent-cloud](https://github.com/ossrs/srs-cloud/tree/lighthouse/tencent), `docker --name tencent-cloud` +* [tencent-cloud](https://github.com/ossrs/srs-cloud/tree/lighthouse/tencent) * [CAM](https://console.cloud.tencent.com/cam/overview) Authentication by secretId and secretKey. -* [ffmpeg](https://github.com/ossrs/srs-cloud/tree/lighthouse/ffmpeg), `docker --name ffmpeg` +* [ffmpeg](https://github.com/ossrs/srs-cloud/tree/lighthouse/ffmpeg) * [FFmpeg and ffprobe](https://ffmpeg.org) tools in `ossrs/srs:node-av` ## Environments diff --git a/README.md b/README.md index 81a963ae..d21df381 100644 --- a/README.md +++ b/README.md @@ -81,7 +81,7 @@ The features that we're developing: - [x] [Support aaPanel to install on any linux](https://github.com/ossrs/srs-cloud/issues/29). - [x] [Support DVR to local disk](https://github.com/ossrs/srs-cloud/issues/42). - [ ] Support upgrade to latest version manually. -- [ ] Support HTTPS by let's encrypt with certbot. +- [ ] Support HTTPS by let's encrypt with LEGO. - [ ] Support GB28181 by SRS 5.0 container. - [ ] Support live streaming transcoding by FFmpeg, see [#2869](https://github.com/ossrs/srs/issues/2869). - [ ] Support virtual live streaming, covert file or other resource to live. diff --git a/focal/Dockerfile b/focal/Dockerfile index e3535952..bf58baae 100644 --- a/focal/Dockerfile +++ b/focal/Dockerfile @@ -2,15 +2,11 @@ ARG ARCH FROM ${ARCH}ossrs/srs:ubuntu20 AS build FROM ${ARCH}redis:5.0 AS redis +FROM ${ARCH}goacme/lego AS lego # http://releases.ubuntu.com/focal/ FROM ${ARCH}ubuntu:focal AS dist -# https://serverfault.com/questions/949991/how-to-install-tzdata-on-a-ubuntu-docker-image -ENV DEBIAN_FRONTEND=noninteractive -# See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#apt-get -RUN apt update && apt-get install -y certbot && rm -rf /var/lib/apt/lists/* - COPY --from=build /usr/local/bin/ffmpeg /usr/local/bin/ffmpeg COPY --from=build /usr/local/bin/ffprobe /usr/local/bin/ffprobe # For HTTPS client, or failed as: x509: certificate signed by unknown authority @@ -19,6 +15,8 @@ COPY --from=build /usr/share/ca-certificates /usr/share/ca-certificates # For redis server and tools. COPY --from=redis /usr/local/bin/redis-cli /usr/local/bin/redis-cli COPY --from=redis /usr/local/bin/redis-server /usr/local/bin/redis-server +# For ACME client, request and renew the HTTPS certificate. +COPY --from=lego /lego /usr/local/bin/lego # We write the common config for platform to base image, however you can # overwrite it if not for platform, for example, used in releases.