1. Crée nouveau Droplet (Docker from marketplaces) (config minimal 2GB ram) 2. Génère clé ssh : ssh-keygen -t rsa 3. Récupérer la clé dans ~/.ssh/id_rsa.pub et copier dans Bitbucket Settings > Access Keys 4. git clone git@bitbucket.org:ehochedez/51-zen.git Docker 4. Créer 51zen/.env 5. Créer coller infra/.env 6. Créer infra/apache2/sites/mon-vhost.conf 7. chmod 777 datas 8. chmod -R 777 51zen/storage 9. apt-get update 9. apt install docker-compose 10. apt install php-cli 11. cd infra - docker-compose up -d 12. Connect to phpmyadmin : url:8081 "mysql / root / password_root" 13. docker-compose exec workspace bash cd 51zen / composer install / php artisan migrate For ssl -- 14. docker-compose build certbot (si changes) 15. docker-compose up certbot 15. docker-compose down 16. doocker-compose up -d Si tjrs pas bon faire un petit ocup de docker-compose rm -sv apache2 docker-compose up -d apache2 2024-04-15 Ca procédure au dessus OK sans rien faire d'autre For PhpMyAdmin -- http://51-zen.com:8081 (without https) 20023-11-06 Renouvellement un peu laborieu, le "docker-compose build certbot" et "docker-compose up certbot" affiche résultat succes mais site affiche tjrs certificat expiré J'ai essayé plusieurs trucs donc je sais pas ce uqi a marché mais à retenir que : Possible de vérifier la validité d'un fichier certificat PEM: root@51-zen:~/Docker/infra/apache2/ssl# openssl x509 -enddate -noout -in 51-zen.com-cert1.pem notAfter=Feb 4 05:31:50 2024 GMT Les certificats sont générés dans docker certbot /var/certs qui pointe sur host ./apache2/ssl Et docker apache2 : ./apache2/ssl:/etc/apache2/ssl Si les certificats générés ne sont pas bons, regarder dans dossier certbot /etc/letsencrypt/live/51-zen.com/fullchain.pem la ou ils semblent générés Attention que droit à 5 tentatived pour générér certificat apres certbot bloque pour 24h!! docker-compose exec workspace bash php artisan route:clear -------------- certbot_1 | Saving debug log to /var/log/letsencrypt/letsencrypt.log certbot_1 | Plugins selected: Authenticator webroot, Installer None certbot_1 | Registering without email! certbot_1 | Obtaining a new certificate certbot_1 | Performing the following challenges: certbot_1 | http-01 challenge for 51-zen.com certbot_1 | Using the webroot path /var/www/letsencrypt for all unmatched domains. certbot_1 | Waiting for verification... certbot_1 | Cleaning up challenges certbot_1 | IMPORTANT NOTES: certbot_1 | - Congratulations! Your certificate and chain have been saved at: certbot_1 | /etc/letsencrypt/live/51-zen.com/fullchain.pem certbot_1 | Your key file has been saved at: certbot_1 | /etc/letsencrypt/live/51-zen.com/privkey.pem certbot_1 | Your cert will expire on 2024-04-28. To obtain a new or tweaked certbot_1 | version of this certificate in the future, simply run certbot certbot_1 | again. To non-interactively renew *all* of your certificates, run certbot_1 | "certbot renew" certbot_1 | - Your account credentials have been saved in your Certbot certbot_1 | configuration directory at /etc/letsencrypt. You should make a certbot_1 | secure backup of this folder now. This configuration directory will certbot_1 | also contain certificates and private keys obtained by Certbot so certbot_1 | making regular backups of this folder is ideal. certbot_1 | - If you like Certbot, please consider supporting our work by: certbot_1 | certbot_1 | Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate certbot_1 | Donating to EFF: https://eff.org/donate-le certbot_1 | certbot_1 | Saving debug log to /var/log/letsencrypt/letsencrypt.log certbot_1 | Plugins selected: Authenticator webroot, Installer None certbot_1 | Cert not yet due for renewal certbot_1 | Keeping the existing certificate certbot_1 | certbot_1 | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - certbot_1 | Certificate not yet due for renewal; no action taken. certbot_1 | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -