From ecb0e29a2c3e372f60261b12fe0551d8de5b9dcb Mon Sep 17 00:00:00 2001 From: neilpang Date: Sat, 3 Jun 2017 17:21:23 +0800 Subject: [PATCH] fix acme --- Dockerfile | 5 ++++- nginx.tmpl | 13 +++++++------ updatessl.sh | 16 +--------------- 3 files changed, 12 insertions(+), 22 deletions(-) diff --git a/Dockerfile b/Dockerfile index ead0378..08dd554 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,10 @@ RUN apt-get update \ && apt-get clean \ && rm -r /var/lib/apt/lists/* -RUN AUTOUPGRADE=1 LE_WORKING_DIR=/acme.sh LE_CONFIG_HOME=/acmecerts wget -O- https://get.acme.sh | sh +ENV AUTOUPGRADE=1 +ENV LE_WORKING_DIR=/acme.sh +ENV LE_CONFIG_HOME=/acmecerts +RUN wget -O- https://get.acme.sh | sh # Configure Nginx and apply fix for very long server names RUN echo "daemon off;" >> /etc/nginx/nginx.conf \ diff --git a/nginx.tmpl b/nginx.tmpl index 904e108..33addb2 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -104,13 +104,16 @@ server { {{ $is_regexp := hasPrefix "~" $host }} {{ $upstream_name := when $is_regexp (sha1 $host) $host }} -{{ $enable_acme := eq (or ($.Env.ENABLE_ACME) "") "true" }} -{{ if $enable_acme }} -#ACME_DOMAINS{{$host_list}} -{{ end }} + # {{ $host }} upstream {{ $upstream_name }} { {{ range $container := $containers }} + +{{ $enable_acme := eq (or ($container.Env.ENABLE_ACME) "") "true" }} +{{ if $enable_acme }} +#ACME_DOMAINS{{$host_list}} +{{ end }} + {{ $addrLen := len $container.Addresses }} {{ range $knownNetwork := $CurrentContainer.Networks }} @@ -164,7 +167,6 @@ upstream {{ $upstream_name }} { server { server_name {{ replace $host_list "," " " -1 }}; listen 80 {{ $default_server }}; -#location ^~ /.well-known/acme-challenge/ {default_type "text/plain";root html;} location = /.well-known/acme-challenge/ {try_files $uri =404;} #acme {{ if $enable_ipv6 }} listen [::]:80 {{ $default_server }}; {{ end }} 
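Review bot: The new `RUN wget -O- https://get.acme.sh | sh` line executes whatever the URL serves at build time, with no pinned version and no integrity check. Because the pipeline's exit status is that of `sh`, a failed download still lets the build succeed on an empty script. Downloading to a file, verifying it and only then running it surfaces both problems, for example `RUN wget -O /tmp/acme-install.sh https://get.acme.sh && echo "<EXPECTED_SHA256>  /tmp/acme-install.sh" | sha256sum -c - && sh /tmp/acme-install.sh`, where the hash is a placeholder for the installer you reviewed. The `ENV` lines do get the variables to `sh`, but they also stay set in the running container, so `AUTOUPGRADE=1` presumably leaves acme.sh updating itself at runtime in the image that holds the TLS keys. If they are only needed by the installer, consider `wget -O- https://get.acme.sh | AUTOUPGRADE=1 LE_WORKING_DIR=/acme.sh LE_CONFIG_HOME=/acmecerts sh`, or add a comment explaining why they persist.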
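Review bot: Reading `$container.Env.ENABLE_ACME` inside `range $container := $containers` moves the opt-in for certificate issuance from the proxy's own environment to each backend container. Any container that contributes to `$host_list` can therefore trigger ACME orders for the names it claims; if that is intended, it deserves a template comment such as `{{/* ENABLE_ACME is read per backend container; the proxy's own env no longer gates issuance */}}`. The `#ACME_DOMAINS{{$host_list}}` marker is now written once per matching container, inside the `upstream` block, so a host served by several containers produces duplicate markers; how updatessl.sh consumes them is not visible here. `$enable_acme` is also scoped to the range body now, so any use after the range's `{{ end }}` would no longer resolve. The `upstream` block and the range continue past the end of the hunk.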
@@ -232,7 +234,6 @@ server { server { server_name {{ replace $host_list "," " " -1 }}; listen 80 {{ $default_server }}; -#location ^~ /.well-known/acme-challenge/ {default_type "text/plain";root html;} location = /.well-known/acme-challenge/ {try_files $uri =404;} #acme {{ if $enable_ipv6 }} listen [::]:80 {{ $default_server }}; {{ end }} diff --git a/updatessl.sh b/updatessl.sh index 92791da..deb7e53 100755 --- a/updatessl.sh +++ b/updatessl.sh @@ -6,7 +6,6 @@ ACME_BIN="/acme.sh/acme.sh --home /acme.sh --config-home /acmecerts" DEFAULT_CONF="/etc/nginx/conf.d/default.conf" -NGINX_HOME="/etc/nginx" CERTS="/etc/nginx/certs" @@ -19,9 +18,7 @@ updatessl() { d=$(echo "$d_list" | cut -d , -f 1) $ACME_BIN --issue \ -d $d_list \ - -w $NGINX_HOME/html \ - --pre-hook "$_SCRIPT_ pre_hook $DEFAULT_CONF" \ - --post-hook "$_SCRIPT_ post_hook $DEFAULT_CONF" \ + --nginx \ --fullchain-file "$CERTS\$d.crt" \ --key-file "$CERTS\$d.crt" \ --reloadcmd "service nginx configtest && service force-reload" @@ -37,17 +34,6 @@ updatessl() { -pre_hook() { - _d_conf="$1" - sed -i "s|#\(location.*#acme\)|\\1|" $_d_conf && service nginx configtest && service force-reload -} - -post_hook() { - _d_conf="$1" - sed -i "s|\(location.*#acme\)|#\\1|" $_d_conf -} - - "$@"
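Review bot: The unchanged lines right after the new `--nginx` flag in the `@@ -19,9 +18,7 @@` hunk pass the same path to `--fullchain-file` and `--key-file`, and `\$d` inside double quotes is a literal `$d`. As shown, the private key and the certificate chain both go to one file named `/etc/nginx/certs$d.crt` instead of per-domain files. I would change them to `--fullchain-file "$CERTS/$d.crt" \` and `--key-file "$CERTS/$d.key" \`, and make sure the key file is readable only by the user nginx starts as. The reload command `service force-reload` names no service, so it should probably read `--reloadcmd "service nginx configtest && service nginx force-reload"`. `-d $d_list` is also unquoted, so a host value containing whitespace or glob characters is split into extra acme.sh arguments; where `d_list` comes from lies outside the hunk, as do the start and end of `updatessl()`.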