mm/jupyterhub-deploy-docker
1
0
Fork 0
Code Pull Requests Releases Activity
63f7c4b6cf
jupyterhub-deploy-docker/examples/letsencrypt/README.md
Justin Tyberg 91a5e54d1b Remove hub.sh script. 
The script was meant to facilitate hub build and run operations
while shielding new Docker users from `docker-compose`.  It now
provides very little functionality, and even gets in the way if
specifying GITHUB oauth environment variables in the .env file.

(c) Copyright IBM Corp. 2016
2016-05-09 19:20:05 -04:00

49 lines
2.4 KiB
Markdown
Raw Blame History

# Let's Encrypt
This example includes a Docker Compose configuration file that you can use to deploy [JupyterHub](https://github.com/jupyter/jupyterhub) with TLS certificate and key files generated by [Let's Encrypt](https://letsencrypt.org).
The `docker-compose.yml` configuration file in this example extends the JupyterHub service defined in the `docker-compose.yml` file in the root directory of this repository.
When you run the JupyterHub Docker container using the configuration file in this directory, Docker mounts an additional volume containing the Let's Encrypt TLS certificate and key files, and overrides the `SSL_CERT` and `SSL_KEY` environment variables to point to these files.
## Create a secrets volume
This example stores the Let's Encrypt TLS certificate and key files in a Docker volume, and mounts the volume to the JupyterHub container at runtime.
Create a volume to store the certificate and key files.
```
# Activate Docker machine where JupyterHub will run
eval "$(docker-machine env jupyterhub)"
docker volume create --name jupyterhub-secrets
```
## Generate Let's Encrypt certificate and key
Run the `letsencrypt.sh` script to create a TLS full-chain certificate and key.
The script downloads and runs the `letsencrypt` Docker image to create a full-chain certificate and private key, and stores the files in a Docker volume. You must provide a valid, routable, fully-qualified domain name (you must own it), and you must activate the Docker machine host that the domain points to before you run this script. You must also provide a valid email address and the name of the volume you created above.
_Notes:_ The script hard codes several `letsencrypt` options, one of which automatically agrees to the Let's Encrypt Terms of Service.
```
# Activate Docker machine where JupyterHub will run
eval "$(docker-machine env jupyterhub)"
./letsencrypt.sh \
--domain myhost.mydomain \
--email me@mydomain \
--volume jupyterhub-secrets
```
## Run JupyterHub container
To run the JupyterHub container using the Let's Encrypt certificate and key, set the `SECRETS_VOLUME` environment variable to the name of the Docker volume containing the certificate and key files, and run `docker-compose` **from the root directory** of this repository while specifying the `docker-compose.yml` configuration in this directory:
```
export SECRETS_VOLUME=jupyterhub-secrets
docker-compose -f examples/letsencrypt/docker-compose.yml up -d
```
View Git Blame Copy Permalink