Join Log in
Score:0
Soufiane Odf avatar Server

SSL not working in Nginx docker container

cn flag
Soufiane Odf

I have a project structure like this:

├── docker-compose.dev.yml
├── docker-compose.prod.yml
├── docker-compose.yml
├── homeid
│             ├── Dockerfile
│             ├── nginx.conf
│             └── website
├── reverse-proxy
│             ├── Dockerfile
│             ├── dev.homebooker.conf
│             ├── homebooker.conf
│             └── nginx.conf

and I have a domain homebooker.fr and a subdomain dev.homebooker.fr, and I want to add https, so I got a certificate from letsencrypt and I mouted it into Nginx container, but https is not working, do not know what I am doing wrong.

Here is the content of the files:

docker-compose.yml

version: '3'

services:
  reverse_proxy:
    build:
      context: ./reverse-proxy
      dockerfile: Dockerfile
    container_name: reverse_proxy
    restart: always
    volumes:
      - ~/letsencrypt:/etc/letsencrypt
    networks:
      - dev_network
      - prod_network
    ports:
      - "80:80"
      - "433:433"

networks:
  dev_network:
  prod_network:

docker-compose.dev.yml

version: '3'

services:
  homeid_dev:
    build:
      context: ./homeid
      dockerfile: Dockerfile
    container_name: homeid_dev
    restart: always
    networks:
      - dev_network
    ports:
      - '8001:80'

networks:
  dev_network:

docker-compose.prod.yml

version: '3'

services:
  homeid_prod:
    build:
      context: ./homeid
      dockerfile: Dockerfile
    container_name: homeid_prod
    restart: always
    networks:
      - prod_network
    ports:
      - "8002:80"
networks:
  prod_network:

homeid Dockerfile:

FROM nginx:1.21.6-alpine

RUN apk --update --no-cache upgrade
RUN apk add python3 python3-dev py3-pip build-base libressl-dev musl-dev libffi-dev rust cargo
RUN pip3 install pip --upgrade
RUN pip3 install certbot-nginx
RUN mkdir /etc/letsencrypt

WORKDIR /usr/share/nginx/html

COPY nginx.conf /etc/nginx/conf.d/default.conf
COPY ./website package.json package-lock.json ./

RUN npm install

reverse-proxy Dockerfile:

FROM nginx:1.21.6-alpine

RUN apk --update --no-cache upgrade
RUN apk add python3 python3-dev py3-pip build-base libressl-dev musl-dev libffi-dev rust cargo
RUN pip3 install pip --upgrade
RUN pip3 install certbot-nginx
RUN mkdir /etc/letsencrypt

COPY nginx.conf /etc/nginx/nginx.conf

WORKDIR /etc/nginx/sites-available
COPY homebooker.conf /etc/nginx/sites-available/homebooker.fr.conf

WORKDIR /etc/nginx/sites-available
COPY dev.homebooker.conf /etc/nginx/sites-available/dev.homebooker.fr.conf

WORKDIR /etc/nginx/sites-enabled
RUN ln -s /etc/nginx/sites-available/homebooker.fr.conf . \
    && ln -s /etc/nginx/sites-available/dev.homebooker.fr.conf .

dev.homebooker.fr.conf

server {
    listen       80;
    listen  [::]:80;
    server_name dev.homebooker.fr www.dev.homebooker.fr;

    location = /status {
        access_log off;
        default_type text/plain;
        add_header Content-Type text/plain;
        return 200 "alive";
    }

    location / {
        proxy_pass http://homeid_dev;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}

homebooker.fr.conf

server {
    listen 80 ;
    listen [::]:80 ;
    server_name homebooker.fr www.homebooker.fr;
    return 301 https://homebooker.fr;
}

server {
    listen 443 ssl;

    server_name homebooker.fr www.homebooker.fr;

    # RSA certificate
    ssl_certificate /etc/letsencrypt/live/homebooker.fr/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/homebooker.fr/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

    location = /status {
        access_log off;
        default_type text/plain;
        add_header Content-Type text/plain;
        return 200 "alive";
    }

    location / {
        proxy_pass http://homeid_prod/;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}

reverse-proxy/nginx.conf

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include /etc/nginx/sites-enabled/*;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

homeid/nginx.conf

server {
    listen       80;
    listen  [::]:80;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}
293
0 + 0
ssl
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.