search

Valian / docker-nginx-auto-ssl

Docker image for automatic generation of SSL certs using Let's encrypt and Open Resty
https://hub.docker.com/r/valian/docker-nginx-auto-ssl/
MIT License
405 stars 101 forks source link

does not work #37

Closed wanghaisheng closed 4 years ago

wanghaisheng commented 4 years ago 
root@docker-s-1vcpu-2gb-sgp1-01:/var/discourse# docker run -d \
>   --name nginx-auto-ssl \
>   --restart on-failure \
>   -p 80:80 \
>   -p 443:443 \
>   -e FORCE_HTTPS=true \
>   -e RESOLVER_ADDRESS=julio.ns.cloudflare.com,paislee.ns.cloudflare.com \
>   -e ALLOWED_DOMAINS=antivte.com \
>   -e SITES='bbs.antivte.com=unix:/var/discourse/shared/bbs/nginx.http.sock:;ytb.antivte.com=unix:/var/discourse/shared/ytb/nginx.http.sock:;cp.antivte.com=lunix:/var/discourse/shared/cp/nginx.http.sock:' \
>   valian/docker-nginx-auto-ssl

here i got 3 docker container running and using the special file instead of listen 80 port. for cloudlfare dns i set resolver address. Is there anything I need to config

wanghaisheng commented 4 years ago

it seems cloudflare dns is not accessible, after run this 

#!/usr/bin/env bash
ALLOWED_DOMAINS=antivte.com,bbs.antivte.com,ytb.antivte.com,cp.antivte.com
SITES='bbs.antivte.com=unix:/var/discourse/shared/bbs/nginx.http.sock:;ytb.antivte.com=unix:/var/discourse/shared/ytb/nginx.http.sock:;cp.antivte.com=lunix:/var/discourse/shared/cp/nginx.http.sock:'
LETSENCRYPT_URL=https://acme-v01.api.letsencrypt.org/directory

docker run -d --name nginx-auto-ssl --restart on-failure \
--net=host \
-e ALLOWED_DOMAINS=${ALLOWED_DOMAINS} \
-e SITES=${SITES} \
-e FORCE_HTTPS=true \
-e LETSENCRYPT_URL=$LETSENCRYPT_URL \
valian/docker-nginx-auto-ssl

docker logs show,is this lib support special file or just port listening

2019/12/24 11:54:34 [emerg] 1#1: invalid port in upstream "lunix:/var/discourse/shared/cp/nginx.http.sock:" in /etc/nginx/conf.d/cp.antivte.com.conf:18

lunix is strange,where is the l from

wanghaisheng commented 4 years ago

@Valian

wanghaisheng commented 4 years ago 
root@docker-s-1vcpu-2gb-sgp1-01:/var/discourse# cat start.sh
#!/usr/bin/env bash
ALLOWED_DOMAINS=bbs.antivte.com
SITES='bbs.antivte.com=unix:/var/discourse/shared/bbs/nginx.http.sock:'
LETSENCRYPT_URL=https://acme-v01.api.letsencrypt.org/directory

docker run -d --name nginx-auto-ssl --restart on-failure \
--net=host \
-p 80:80 \
-p 443:443 \
-v /var/discourse/shared/standalone/:/var/discourse/shared/standalone/  \
-e ALLOWED_DOMAINS=${ALLOWED_DOMAINS} \
-e SITES=${SITES} \
-e FORCE_HTTPS=true \
-e LETSENCRYPT_URL=$LETSENCRYPT_URL \
valian/docker-nginx-auto-ssl

this does help me get the url accessible still 522 error

Valian commented 4 years ago

This is a line where you've used lunix, in your first post:

SITES='bbs.antivte.com=unix:/var/discourse/shared/bbs/nginx.http.sock:;ytb.antivte.com=unix:/var/discourse/shared/ytb/nginx.http.sock:;cp.antivte.com=lunix:/var/discourse/shared/cp/nginx.http.sock:'

Also, why you're adding : at the end of each section? Try to remove it and check again. Even better, you can remove SITES at all and check if you'll get a default NGINX page with a certificate.

Next guess: You're using /var/discourse/shared/bbs/nginx.http.sock socket, but mounting volume under /var/discourse/shared/standalone/. This socked doesn't exist inside the container. Please double-check if a socket is accessible (exec into running container and check this directory)

Last thing: I don't think it's an issue with this image. Note to self, probably I could write a troubleshooting section in README to help with such problems.

Valian commented 4 years ago

@wanghaisheng Is this issue still relevant?