Docker jrcs/letsencrypt-nginx-proxy-companion doesn't generate a proper certificate

Time:11-11

I'm following a tutorial to deploy WordPress using Docker on an Ubuntu server. The tutorial is in this

Screenshot of how the "cert" looks in the browser

To make everything easier I created a script to run all the steps fast:

#!/bin/bash

web_dir=/srv/www
myusername=root
domain_name=subdomain.domain.com
website_folder=/srv/www/$domain_name

nginx_proxy_repo=https://github.com/kassambara/nginx-multiple-https-websites-on-one-server
nginx_folder=/srv/www/nginx-multiple-https-websites-on-one-server/nginx-proxy
final_nginx_folder=/srv/www/nginx-proxy

echo ---INSTALL REQUIRED COMPONENTS----
sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
sudo apt update
apt-cache policy docker-ce
sudo apt install docker-ce docker-compose git
sudo systemctl status docker

echo ---CREATE AND GIVE PERMISSIONS TO WEBSITES DIR----
sudo mkdir -p $web_dir
# 2. set your user as the owner
sudo chown -R $myusername $web_dir
# 3. set the web server as the group owner
sudo chgrp -R www-data $web_dir
# 4. 755 permissions for everything
sudo chmod -R 755 $web_dir
# 5. New files and folders inherit 
# group ownership from the parent folder
chmod g+s $web_dir

echo ---INSTALL NGINX PROXY----
git clone $nginx_proxy_repo $web_dir
rm -rf $web_dir/nginx-proxy/nginx.tmpl
curl -s https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl > $web_dir/nginx-proxy/nginx.tmpl
cd $web_dir
rm -rf your-website-one.com your-website-two.com README.Rmd .gitignore .Rbuildignore .git README.md

echo ---INSTALL WORDPRESS----
cd $web_dir
git clone https://github.com/kassambara/wordpress-docker-compose $domain_name

echo ---CONFIGURE DOCKER COMPOSE FOR ONLINEHOST----
cd $website_folder
mv docker-compose-onlinehost.yml docker-compose.yml

echo ---FINAL TOUCHES----
cd $website_folder
vi ./setup-onlinehost.sh
chmod +x setup-onlinehost.sh && ./setup-onlinehost.sh
vi .env
vi docker-compose.yml

cd $final_nginx_folder
docker network create nginx-proxy
docker-compose up -d

cd $final_nginx_folder
cd vhost.d
echo "client_max_body_size 64M;" > $domain_name

cd $website_folder
docker-compose up -d --build
docker-compose -f docker-compose.yml -f wp-auto-config.yml run --rm wp-auto-config

When the time comes, I set up setup-onlinehost.sh like this:

project_name="wordpress"
user_name="wordpress"
pass_word="wordpress"
email="[email protected]"
website_title="My Blog"
website_url="https://subdomain.domain.com"
phmyadmin_url="sqlsubdomain.domain.com"
env_file=".env"
compose_file="docker-compose.yml"

Then I remove the redirectnonwww container from the docker-compose.yml file since I don't want the redirect non-www to www behavior.

Then, after everything is completed, I can access the websites over http but not over https. When I try to access it over https I receive a "This connection is not private" message, and the certificate seems to be wrong at this point.

Also, if I let my browser continue to the website, I get the Nginx 500 Internal Server Error.

If I look into the contents of nginx-proxy/certs I see listed the following items:

certs (folder)
   default.crt  
   default.key  
   dhparam.pem  
   subdomain.domain.com (empty folder) 
   sqlsubdomain.domain.com (empty folder)
conf.d (folder)
docker-compose.yml
html  
nginx.tmpl  
vhost.d (folder)
   subdomain.domain.com (file)

The contents of vhost.d/subdomain.domain.com are:

## Start of configuration add by letsencrypt container
location ^~ /.well-known/acme-challenge/ {
    auth_basic off;
    auth_request off;
    allow all;
    root /usr/share/nginx/html;
    try_files $uri =404;
    break;
}
## End of configuration add by letsencrypt container
client_max_body_size 64M;

I'm not sure if I'm doing something wrong or if I should be doing something else that is not listed in the tutorial.

Thanks in advance.

CodePudding user response:

The issue seemed to be the number of times I had requested a certificate for those specific domains. I tried the deployment multiple times to figure out how to do it properly for the deployment server and also to write a proper version of the script, so I requested a certificate for two specific domains many times.

The issue was resolved after I tried a different domain and subdomain.
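
A triage sketch for the situation in this answer, added here as an example and not part of the original post: it reports which domain folders under certs are still empty and whether a saved copy of the companion's log contains the ACME rateLimited error type. The fullchain.pem file name, the saved-log file and the function names are assumptions, and the sample data is constructed.

```shell
#!/bin/sh
# Added example: triage for empty per-domain cert folders (browser gets default.crt).

# Print every domain folder under the certs directory that has no fullchain.pem.
# Assumption: on success the companion writes <certs>/<domain>/fullchain.pem.
missing_certs() {
    certs_dir=$1
    for d in "$certs_dir"/*/; do
        [ -d "$d" ] || continue
        [ -s "${d}fullchain.pem" ] || basename "$d"
    done
}

# Count log lines carrying the ACME rate-limit error type (RFC 8555, section 6.7).
# Input: a file holding the saved output of `docker logs` for the companion container.
rate_limit_hits() {
    grep -c 'urn:ietf:params:acme:error:rateLimited' "$1" || true
}

# Combine both checks into one verdict line.
diagnose() {
    missing=$(missing_certs "$1" | tr '\n' ' ')
    hits=$(rate_limit_hits "$2")
    hits=${hits:-0}   # unreadable log file counts as zero hits
    if [ -z "$missing" ]; then
        echo "ok: every domain folder has a certificate"
    elif [ "$hits" -gt 0 ]; then
        echo "rate-limited: no certificate for ${missing}($hits rateLimited line(s) in log)"
    else
        echo "not-issued: no certificate for ${missing}(no rateLimited error; check DNS and port 80)"
    fi
}

# Constructed sample mirroring the listing in the question: two empty domain
# folders, default.crt present, and one constructed rate-limit log line.
make_sample() {
    t=$(mktemp -d)
    mkdir -p "$t/certs/subdomain.domain.com" "$t/certs/sqlsubdomain.domain.com"
    : > "$t/certs/default.crt"
    printf '%s\n' 'constructed: "type": "urn:ietf:params:acme:error:rateLimited", "status": 429' \
        > "$t/companion.log"
    echo "$t"
}

sample=$(make_sample)
diagnose "$sample/certs" "$sample/companion.log"
rm -rf "$sample"
```

A "not-issued" verdict means the empty folders have a different cause than the one in this answer, so switching domains would not help.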
