Hi, I’m writing this out of frustration, after reading all available tutorials and docs, but apparently I’m missing something important.
I want to revamp my website [MYDOMAIN] using docker and create a static website, a POSTGRES container, and some Dockerized apps.
I started out by registering MYDOMAIN in the Digital Ocean Network section, with www and without.
Then:
I cloned and started https://github.com/jwilder/nginx-proxy
I cloned https://github.com/evertramos/docker-compose-letsencrypt-nginx-proxy-companion
Created a .env with my Digital Ocean IP:
#
# Set the IP address of the external access Interface
#
IP=0.0.0.0
After that if I run:
./test_start_ssl.sh MYDOMAIN
./test_start_ssl.sh www.MYDOMAIN
And I get “it works” results, then I run ./test_stop.sh
After that I registered a subdomain, portainer.MYDOMAIN. I cloned https://github.com/evertramos/docker-portainer-letsencrypt and updated the following parameters:
DOMAINS= MYDOMAIN.com,www. MYDOMAIN.com,portainer. MYDOMAIN.com
MAIN_DOMAIN=portainer. MYDOMAIN.com
LETSENCRYPT_EMAIL=your_email@domain.com
PORTAINER_SSL_PATH=/path/to/your/certs
PORTAINER_SSL_CERTIFICATE=/certs/ MYDOMAIN.crt
PORTAINER_SSL_KEY=/certs/ MYDOMAIN.key
Then I try to visit all my domains and portainer domains, always with different errors.
Can somebody point me in the right direction or suggest a tutorial?
Hi there,
There are a few things that I could suggest:
First, let’s make sure that your domain is pointing to the correct IP address. You can do this by using dig or nslookup commands:
dig +short MYDOMAIN.com
This should return your DigitalOcean Droplet’s IP address.
Next, it seems there might be a misunderstanding about the IP in your .env file. The IP=0.0.0.0 line should probably be the external IP of your DigitalOcean droplet, not 0.0.0.0.
The nginx-proxy and docker-compose-letsencrypt-nginx-proxy-companion containers should handle the reverse proxy and SSL for your applications, so you don’t need to worry about configuring those individually for each service.
When you’re setting up your docker-portainer-letsencrypt environment variables, make sure the path to your SSL certificates is correct, and that the certificates are valid. The docker-compose-letsencrypt-nginx-proxy-companion should handle the creation and renewal of these certificates, but you’ll want to double-check.
Here’s an example of what your docker-portainer-letsencrypt configuration might look like:
DOMAINS=MYDOMAIN.com,www.MYDOMAIN.com,portainer.MYDOMAIN.com
MAIN_DOMAIN=portainer.MYDOMAIN.com
LETSENCRYPT_EMAIL=your_email@domain.com
PORTAINER_SSL_PATH=/etc/nginx/certs
PORTAINER_SSL_CERTIFICATE=/etc/nginx/certs/MYDOMAIN.com/fullchain.pem
PORTAINER_SSL_KEY=/etc/nginx/certs/MYDOMAIN.com/key.pem
With this setup, nginx-proxy and docker-compose-letsencrypt-nginx-proxy-companion should handle the reverse proxy and SSL, and you can focus on setting up your applications in Docker.
As for a tutorial, this DigitalOcean tutorial is a comprehensive guide that goes over setting up a Node.js application with Docker, nginx-proxy, and Let’s Encrypt, and should be helpful even though it’s not exactly your use case.
Also, remember that DNS changes may take a while to propagate, and SSL issues might be due to DNS caching or certificate caching.
Best,
Bobby
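The checks suggested in this thread can be scripted as a preflight step before the containers are started. The following is an added example, not part of the original posts or of the linked projects: the variable names come from the posts above, while the function names and the `RESOLVE` override are assumptions made here.

```sh
#!/bin/sh
# Added example: preflight checks for the .env files discussed in this thread.
# Variable names are from the posts; function names and RESOLVE are made up here.

RESOLVE=${RESOLVE:-"dig +short"}   # command that prints the A record(s) of a name

# Print the value of variable $2 from env file $1 (last assignment wins).
get_var() { sed -n "s/^$2=//p" "$1" | tail -n 1; }

# Print one finding per line for env file $1; exit status 1 if there were any.
lint_env() (
    rc=0
    note() { echo "$1"; rc=1; }
    # A space inside a value (e.g. "www. MYDOMAIN.com") breaks the hostname or path.
    for name in DOMAINS MAIN_DOMAIN PORTAINER_SSL_CERTIFICATE PORTAINER_SSL_KEY; do
        case "$(get_var "$1" "$name")" in
            *" "*) note "$name: value contains a space" ;;
        esac
    done
    # Values copied unchanged from the template.
    [ "$(get_var "$1" LETSENCRYPT_EMAIL)" != "your_email@domain.com" ] ||
        note "LETSENCRYPT_EMAIL: still the template placeholder"
    [ "$(get_var "$1" PORTAINER_SSL_PATH)" != "/path/to/your/certs" ] ||
        note "PORTAINER_SSL_PATH: still the template placeholder"
    # The answer above suggests the Droplet's external IP here.
    [ "$(get_var "$1" IP)" != "0.0.0.0" ] ||
        note "IP: 0.0.0.0 is the wildcard address, not the Droplet's IP"
    exit "$rc"
)

# Print every name in DOMAINS (env file $1) that does not resolve to IP $2.
check_dns() (
    rc=0
    for d in $(get_var "$1" DOMAINS | tr ',' ' '); do
        $RESOLVE "$d" | grep -qxF "$2" ||
            { echo "$d: does not resolve to $2"; rc=1; }
    done
    exit "$rc"
)
```

Run `lint_env` on each project's .env, then `check_dns` on the Portainer .env with the Droplet's address as the second argument; a name that fails the DNS check will also fail Let's Encrypt validation.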