Question
Docker Nginx-proxy and letsencrypt not working
- Posted on December 6, 2018
- DigitalOceanDockerNginxLet's Encrypt
Asked by Luca Moiana
Hi, I’m writing this out of frustration, after reading all available tutorials and docs, but apparently I’m missing something important.
I want to revamp my website [MYDOMAIN] using docker and create a static website, a POSTGRES container, and some Dockerized apps.
I started out registering MYDOMAIN on Digital Ocean Network section with www and without.
Then:
I cloned and started https://github.com/jwilder/nginx-proxy
I cloned https://github.com/evertramos/docker-compose-letsencrypt-nginx-proxy-companion
Create a .env with my Digital Ocean IP:
#
# Set the IP address of the external access Interface
#
IP=0.0.0.0
After that if I run:
./test_start_ssl.sh MYDOMAIN
./test_start_ssl.sh www.MYDOMAIN
And I get “it works” results then I run ./test_stop.sh
After that I registered a subdomain portainer.MYDOMAIN I cloned https://github.com/evertramos/docker-portainer-letsencrypt And updated the following parameters:
DOMAINS= MYDOMAIN.com,www. MYDOMAIN.com,portainer. MYDOMAIN.com
MAIN_DOMAIN=portainer. MYDOMAIN.com
LETSENCRYPT_EMAIL=your_email@domain.com
PORTAINER_SSL_PATH=/path/to/your/certs
PORTAINER_SSL_CERTIFICATE=/certs/ MYDOMAIN.crt
PORTAINER_SSL_KEY=/certs/ MYDOMAIN.key
Then I try to visit all my domains and portainer domains always with different errors.
Can somebody point me in the right direction or suggest a tutorial?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Get our biweekly newsletter
Sign up for Infrastructure as a Newsletter.
Hollie's Hub for Good
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Become a contributor
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Hi there,
There are a few things that I could suggest:
First, let’s make sure that your domain is pointing to the correct IP address. You can do this by using
digornslookupcommands:This should return your DigitalOcean Droplet’s IP address.
Next, it seems there might be a misunderstanding about the IP in your
.envfile. TheIP=0.0.0.0line should probably be the external IP of your DigitalOcean droplet, not0.0.0.0.The
nginx-proxyanddocker-compose-letsencrypt-nginx-proxy-companioncontainers should handle the reverse proxy and SSL for your applications, so you don’t need to worry about configuring those individually for each service.When you’re setting up your
docker-portainer-letsencryptenvironment variables, make sure the path to your SSL certificates is correct, and that the certificates are valid. Thedocker-compose-letsencrypt-nginx-proxy-companionshould handle the creation and renewal of these certificates, but you’ll want to double-check.Here’s an example of what your
docker-portainer-letsencryptconfiguration might look like:With this setup,
nginx-proxyanddocker-compose-letsencrypt-nginx-proxy-companionshould handle the reverse proxy and SSL, and you can focus on setting up your applications in Docker.As for a tutorial, this DigitalOcean tutorial is a comprehensive guide that goes over setting up a Node.js application with Docker, nginx-proxy, and Let’s Encrypt, and should be helpful even though it’s not exactly your use case.
Also, remember that DNS changes may take a while to propagate, and SSL issues might be due to DNS caching or certificate caching.
Best,
Bobby