Deploy hook from inside docker

[ThomDietrich]

I guess this is a very common use case but couldn't find anything in documentation. Opening this ticket to discuss best practice and contribute a recommendation to docs.

Hey all, dnsrobocert is running inside a docker container. Upon certificate renewal I would like to restart relevant docker containers to reload certificate files. How would I go about doing that? I suspect it would be possible to bind the docker socket and trigger a restart through that, but is that really the best and recommended method?

I would be thankful for any kind of hint or ideally a docker-compose.yml example! Thanks guys

[qqilihq]

There's the autorestart and autocmd configuration options available. Both will require you to mount the Docker socket to work.

More details here: https://github.com/adferrand/dnsrobocert/blob/master/docs/configuration_reference.rst#certificates-section

We used the autocmd which triggers a script in the nginx reverse proxy container to (1) copy the certificates to the desired place, and then (2) trigger nginx -s reload. This worked well for us in the past.

[aaccioly]

Here's an example of @qqilihq's suggestion if anyone else ends up here while looking for a solution: Script to deploy certificates generated with DNSroboCert to nginx-proxy