Comments (5)
JonasAlfredsson
commented on June 20, 2024
Hi JC-ironman,
Yeah, webroot authentication only works if you have port 80 forwarded so either you have to do that or change over to the DNS challenge. This is discussed more on the Let's Encrypt forum: https://community.letsencrypt.org/t/is-port-80-required-for-renewals/121432/2
from docker-nginx-certbot.
JonasAlfredsson
commented on June 20, 2024
Also, there is already an HTTPS redirect included in this container: https://github.com/JonasAlfredsson/docker-nginx-certbot/blob/master/src/nginx_conf.d/redirector.conf
from docker-nginx-certbot.
JC-ironman
commented on June 20, 2024
I tried with the example you give as example and got the same issue:
upstream backend {
server api:3000;
}
upstream admin {
server frontend;
}
server {
# Listen to port 443 on both IPv4 and IPv6.
listen 443 ssl default_server reuseport;
listen [::]:443 ssl default_server reuseport;
# Domain names this server should respond to.
server_name <domain>;
# Load the certificate files.
ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/<domain>/chain.pem;
location / {
proxy_pass http://admin/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_redirect off;
}
location /api {
proxy_pass http://backend/api;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_redirect off;
}
}
Like I don't understand what to change in my conf to make it works. Thanks for helping me
from docker-nginx-certbot.
JonasAlfredsson
commented on June 20, 2024
In the docker-compose config you have
ports:
- 23456:80 # I need this to be custom
- 34567:443 # I need this to be custom
If you use the HTTP-01 challenge you must have
ports:
- 80:80
- 443:443
You must then make sure that port 80 is correctly forwarded to the machine where this container is running.
If you cannot forward port 80 then you will need to look into setting up this with the DNS challenge instead.
from docker-nginx-certbot.
JonasAlfredsson
commented on June 20, 2024
Did you manage to solve your issue?
from docker-nginx-certbot.
Related Issues (20)
- Test nginx config on SIGHUP HOT 4
- [Third-party] Cloudflare proxy DNS, SSL encryption mode must be set to "Full" (or Full strict) HOT 3
- config file not being discovered HOT 4
- Update Dockerhub Image HOT 4
- Improve Azure File Share support HOT 2
- Conflicting servername xxx on 0.0.0.0:443 HOT 2
- Speed up DH generation HOT 4
- Standard nginx "docker-entrypoint.sh" not being used HOT 7
- Renewal failed on challenge webroot HOT 5
- Add support for Bunny.net authenticator plugin for DNS-01 HOT 7
- How is log rotation handled? HOT 2
- Publish v5.0.1 to address CVE-2024-24989 and CVE-2024-24990 HOT 2
- Reload nginx config without forced certificat renewal? HOT 7
- no alternative certificate subject name matches target host name HOT 3
- High CVE present on latest (jonasal/nginx-certbot:5.0.1-nginx1.25.4) HOT 1
- adding additional info in the http directive HOT 5
- Unable to enable specific ciphers HOT 19
- How to add a wildcard SAN to a certificate of a domain? HOT 2
- Error when running service 'Important file(s) for '/etc/nginx/conf.d/default.conf' are missing or empty' HOT 3
- map variable for server_name HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-nginx-certbot.