search

FreedomBen / dory

Your development proxy for docker
MIT License
156 stars 24 forks source link

Custom Certificates Seem to Break Proxy. #5

Closed Spittal closed 7 years ago

Spittal commented 7 years ago

Hello!

I'm having a small problem while using certificates and dory. It seems to fail proxying to the container when I set a certificate directory with ssl_certs_dir in the .dory.yml file.

These logs I get when booting up the dory_dinghy_http_proxy with a certs directory set 

forego     | starting nginx.1 on port 5000
forego     | starting dockergen.1 on port 5100
dockergen.1 | 2016/10/25 01:19:07 Generated '/etc/nginx/conf.d/default.conf' from 4 containers
dockergen.1 | 2016/10/25 01:19:07 Running '/app/reload-nginx'
dockergen.1 | 2016/10/25 01:19:08 Error running notify command: /app/reload-nginx, exit status 1
dockergen.1 | 2016/10/25 01:19:08 Watching docker events
dockergen.1 | 2016/10/25 01:19:09 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '/app/reload-nginx'
dockergen.1 | 2016/10/25 01:19:09 Received event start for container 4a6e829a53e2
dockergen.1 | 2016/10/25 01:19:09 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '/app/reload-nginx'
nginx.1    | 2016/10/25 01:19:16 [error] 24#24: *1 open() "/usr/share/nginx/html/home/capabilities" failed (2: No such file or directory), client: 172.17.0.1, server: localhost, request: "GET /home/capabilities HTTP/1.1", host: "omnifilm.docker"
nginx.1    | 172.17.0.1 - - [25/Oct/2016:01:19:16 +0000] "GET /home/capabilities HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" "-"

I'm wondering if maybe it doesn't use the name matching engine that the dinghy_http_proxy does.

At any rate I made a very short screencast that shows my problem using dory

http://quick.as/8br7coyej

Let me know if you have any ideas, Thanks.

FreedomBen commented 7 years ago

It's definitely possible that something has changed on the dinghy side. I can rebase against that and see if it fixes it, and if it doesn't then we can go from there.

So this does work on Dinghy? (just clarifying so we can direct testing effort)

Spittal commented 7 years ago

Yup! it works on Dinghy, if the certificate with the name of the VIRTUAL_HOST env var is in the ~/.dinghy/certs directory then the VHOST will automatically redirect to the HTTPS version of the host.

FreedomBen commented 7 years ago

Sorry @Spittal , I haven't forgot about you. Just been super busy.

I had a thought tho, and after looking at the dinghy proxy code, I wonder if you could just add an image key under nginx_proxy in your .dory.yml file that points to the dinghy version. If this works, I can work on a patch for dory so you don't need the workaround. Are you willing to give it a try? If so, in your ~/.dory.yml add this:

---
dory:
  ...
  nginx_proxy:
    ...
    image: 'codekitchen/dinghy-http-proxy:2.5.3'
    ....
Spittal commented 7 years ago

image

Huzzah!

Seems to work perfectly using this config

  nginx_proxy:
    enabled: true
    container_name: dory_dinghy_http_proxy
    image: 'codekitchen/dinghy-http-proxy:2.5.3'
    https_enabled: true
    ssl_certs_dir: '/Users/jamie/.dinghy/certs'
FreedomBen commented 7 years ago

Awesome, thank you!