[DOCKER] kong certbot - fourslickz/notes GitHub Wiki

1. Create a docker-compose.yml file:

version: '3.8'

services:
  kong:
    image: kong:latest
    ports:
      - "8000:8000"  # HTTP proxy
      - "8443:8443"  # HTTPS proxy
      - "8001:8001"  # Admin API
      - "8444:8444"  # Admin API over HTTPS
    volumes:
      - ./kong.conf:/etc/kong/kong.conf
    environment:
      KONG_DATABASE: "off"
      KONG_PROXY_LISTEN: "0.0.0.0:8000, 0.0.0.0:8443 ssl"
      KONG_ADMIN_LISTEN: "0.0.0.0:8001, 0.0.0.0:8444 ssl"
      KONG_PROXY_SSL_CERT: "/etc/kong/ssl/server.crt"
      KONG_PROXY_SSL_CERT_KEY: "/etc/kong/ssl/server.key"

  certbot:
    image: certbot/certbot
    command: certonly --webroot --webroot-path /usr/share/nginx/html --email [email protected] --agree-tos -d yourdomain.com
    volumes:
      - /etc/letsencrypt:/etc/letsencrypt
      - /var/lib/letsencrypt:/var/lib/letsencrypt
    depends_on:
      - kong

2. Create a kong.conf file:

# kong.conf
proxy_ssl = on
admin_ssl = on
ssl_cert = /etc/kong/ssl/server.crt
ssl_cert_key = /etc/kong/ssl/server.key

3. Run Docker Compose:

docker-compose up -d

4. docker-compose restart kong