waldur / waldur-docker-compose

Docker-compose configuration for quick setup of Waldur for demo purposes
MIT License

Custom certs not found #7

Open kubeworkz opened 1 year ago

kubeworkz commented 1 year ago

I'm trying to add my certificates to a new installation. My entry in .env is:

TLS=/home/ubuntu/certs/fullchain.pem /home/ubuntu/certs/privkey.pem

and I added the two following lines to the default volumes in docker-compose.yml:

  - /home/ubuntu/certs/fullchain.pem:/home/ubuntu/certs/fullchain.pem
  - /home/ubuntu/certs/privkey.pem:/home/ubuntu/certs/privkey.pem

When I bring everything up the caddy container keeps restarting with the following message in the logs:

Error: loading initial config: loading new config: loading http app module: provision http: getting tls app: loading tls app module: provision tls: loading certificates: open /home/ubuntu/certs/fullchain.pem: no such file or directory

What am I missing? Cheers, Dave

I'm also trying to add a Keycloak user but:

/opt/jboss/keycloak/bin/add-user-keycloak.sh

is not found and there's no jboss directory in the container.

yefimg commented 1 year ago

Hi,

These volumes need to be added to the Caddy container:

  # HTTP Router
  caddy-router:
    container_name: caddy
    image: '${DOCKER_REGISTRY_PREFIX}library/caddy:2'
    ports:
      - '${WALDUR_HTTP_PORT:-80}:80'
      - '${WALDUR_HTTPS_PORT:-443}:443'
    environment:
      - VIRTUAL_HOST=${WALDUR_DOMAIN:-localhost}
      - TLS=${TLS:-"certs@waldur.com"}
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./config/caddy-includes/:/etc/caddy-includes
      - caddy_data:/data
      - caddy_config:/config
      - /home/ubuntu/certs/fullchain.pem:/home/ubuntu/certs/fullchain.pem
      - /home/ubuntu/certs/privkey.pem:/home/ubuntu/certs/privkey.pem
    depends_on:
      waldur-homeport:
        condition: service_healthy
    restart: always

About adding the Keycloak user - you don't need that command any more. It was valid for Keycloak 15, but we have now migrated to Keycloak 19, and it should be provisioned automatically with the admin password taken from the KEYCLOAK_ADMIN_PASSWORD environment variable.

kubeworkz commented 1 year ago

Ah cool, thanks for the info. Everything works now. Great app btw. In fact, it's the only open source app in this space that's structured at the Organization level for multi-tenancy.
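
A pre-flight check for the failure discussed in this thread, as an added example that is not part of the original issue or the Waldur project: it compares the file paths in the TLS value from .env against the container-side paths of the caddy-router service's volumes. It assumes short-syntax host:container volume entries only; the sample inputs are constructed from the thread, and other-service is a hypothetical service name.

```python
def tls_paths(env_text):
    """Return the file paths named in the TLS= line of a .env file."""
    for line in env_text.splitlines():
        key, _, value = line.strip().partition("=")
        if key == "TLS":
            # An e-mail address here means no certificate files are referenced.
            return [p for p in value.strip("\"'").split() if p.startswith("/")]
    return []

def service_mount_targets(compose_text, service):
    """Collect container-side paths from one service's short-syntax volumes."""
    targets, in_service, in_volumes, svc_indent = [], False, False, 0
    for line in compose_text.splitlines():
        text = line.strip()
        if not text or text.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if text == f"{service}:":
            in_service, in_volumes, svc_indent = True, False, indent
        elif in_service and indent <= svc_indent:
            in_service = False          # the next service has started
        elif in_service and text == "volumes:":
            in_volumes = True
        elif in_service and in_volumes and text.startswith("- "):
            parts = text[2:].strip("\"'").split(":")
            if len(parts) >= 2:         # host:container[:mode]
                targets.append(parts[1])
        elif in_service:
            in_volumes = False          # some other key of the same service
    return targets

def unmounted_tls_files(env_text, compose_text, service="caddy-router"):
    """TLS files that the service's container will not be able to open."""
    targets = service_mount_targets(compose_text, service)
    def covered(path):
        return any(path == t or path.startswith(t.rstrip("/") + "/") for t in targets)
    return [p for p in tls_paths(env_text) if not covered(p)]

# Constructed inputs based on the thread; "other-service" is a hypothetical name.
ENV = "TLS=/home/ubuntu/certs/fullchain.pem /home/ubuntu/certs/privkey.pem\n"
CERTS = ("      - /home/ubuntu/certs/fullchain.pem:/home/ubuntu/certs/fullchain.pem\n"
         "      - /home/ubuntu/certs/privkey.pem:/home/ubuntu/certs/privkey.pem\n")
CADDY = "  caddy-router:\n    volumes:\n      - ./Caddyfile:/etc/caddy/Caddyfile\n      - caddy_data:/data\n"
OTHER = "  other-service:\n    volumes:\n"
BEFORE = "services:\n" + OTHER + CERTS + CADDY   # certs mounted into another service
AFTER = "services:\n" + OTHER + CADDY + CERTS    # certs mounted into caddy-router

if __name__ == "__main__":
    print(unmounted_tls_files(ENV, BEFORE), unmounted_tls_files(ENV, AFTER))
```

A non-empty result lists the paths that would produce the "no such file or directory" error when Caddy loads its configuration.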