I have the following Dockerfile:
FROM nginx:latest
RUN apt-get update \
&& apt-get -y install openssl \
&& apt-get -y install vim
RUN mkdir -p /etc/nginx/snippets
RUN mkdir -p /etc/openssl
RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/openssl/nginx-selfsigned.key -out /etc/openssl/nginx-selfsigned.crt -subj "/C=US/ST=NY/L=NY/O=ACME/OU=CD/CN=AcmeWPDeveloper"
I don't get an errors but when I log into the container, the openssl directory is empty.
What I've checked:
- all directories I try to create exist on the new container.
- openssl is installed.
Test that /etc/openssl folder exists:
PS C:\Users\me\src\tests\nginx\wordpress-nginx-docker> docker exec -it --user="root" nginx bash
root@59ab746371ba:/# ls -lah /etc/openssl/
total 4.0K
drwxrwxrwx 1 root root 4.0K Oct 27 14:30 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:30 ..
root@59ab746371ba:/# exit
Check for the snippets folder:
root@6ee5da5f4b16:/# ls -lah /etc/nginx/
total 36K
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 ..
drwxrwxrwx 1 root root 4.0K Oct 27 14:18 conf.d
-rw-r--r-- 1 root root 1007 Sep 7 15:21 fastcgi_params
-rw-r--r-- 1 root root 5.2K Sep 7 15:21 mime.types
lrwxrwxrwx 1 root root 22 Sep 7 15:38 modules -> /usr/lib/nginx/modules
-rw-r--r-- 1 root root 648 Sep 7 15:38 nginx.conf
-rw-r--r-- 1 root root 636 Sep 7 15:21 scgi_params
drwxr-xr-x 2 root root 4.0K Oct 27 14:31 snippets
-rw-r--r-- 1 root root 664 Sep 7 15:21 uwsgi_params
Check to make sure openssl package was installed:
root@6ee5da5f4b16:/# openssl
OpenSSL> ^C
root@6ee5da5f4b16:/#
When I run the command manually on the container, it works:
root@6ee5da5f4b16:/# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/openssl/nginx-selfsigned.key -out /etc/openssl/nginx-selfsigned.crt -subj "/C=US/ST=NY/L=NY/O=ACME/OU=CD/CN=AcmeWPDeveloper"
Generating a RSA private key
..........................................
.......
writing new private key to '/etc/openssl/nginx-selfsigned.key'
-----
root@6ee5da5f4b16:/# ls -lah /etc/openssl/
total 12K
drwxrwxrwx 1 root root 4.0K Oct 27 14:36 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 ..
-rw-r--r-- 1 root root 1.3K Oct 27 14:36 nginx-selfsigned.crt
-rw------- 1 root root 1.7K Oct 27 14:36 nginx-selfsigned.key
root@6ee5da5f4b16:/#
EDIT 1
Here's the docker-compose file that consumes the Dockerfile: (just the nginx stanza shown)
nginx:
#image: nginx:${NGINX_VERSION:-latest}
container_name: nginx
ports:
- '8085:8085'
- '443:443'
build: .
volumes:
- ${NGINX_CONF_DIR:-./nginx}:/etc/nginx/conf.d
- ${NGINX_LOG_DIR:-./logs/nginx}:/var/log/nginx
- ${WORDPRESS_DATA_DIR:-./wordpress}:/var/www/html
- ${SSL_CERTS_DIR:-./certs}:/etc/openssl
- ${SSL_CERTS_DATA_DIR:-./certs-data}:/data/openssl
CodePudding user response:
With this instruction…
volumes:
- ${SSL_CERTS_DIR:-./certs}:/etc/openssl
…you are "overriding" the already existing /etc/openssl
of the image (which does contain the files) with your (empty) volume when starting the container.