the*_*del 8 nginx docker docker-compose lets-encrypt certbot
我正在尝试使用 LetsEncrypt 和 Nginx 添加 https。我已经添加了 certbot 并且它运行成功。然后,当尝试运行 Nginx 服务器时,我收到此错误。
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: error: /etc/nginx/conf.d/default.conf is not a file or does not exist
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2020/11/21 06:24:07 [emerg] 1#1: open() "/etc/letsencrypt/options-ssl-nginx.conf" failed (2: No such file or directory) in /etc/nginx/conf.d/nginx.conf:23
nginx: [emerg] open() "/etc/letsencrypt/options-ssl-nginx.conf" failed (2: No such file or directory) in /etc/nginx/conf.d/nginx.conf:23
这是我的docker-compose.yml文件
version: '3.7'
services:
nginx_server:
image: nginx:latest
ports:
- '80:80'
- '443:443'
volumes:
- ./data/nginx:/etc/nginx/conf.d
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
my-image:
image: my-name/my-image
ports:
- '8088:8088'
这是我nginx.conf里面的文件data/nginx
server {
listen 80;
server_name mysite.com;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
proxy_pass http://my-image:8088;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
server {
listen 443 ssl default_server ssl;
server_name mysite.com;
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://my-image:8088;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
Certbot 成功运行,因此我已从 docker-compose 中删除了它的映像。
任何帮助,将不胜感激。谢谢
我希望你已经找到了问题的解决方案,我将分享当我尝试在 docker 环境中使用 nginx 和 certbot 时解决我的问题的方法,以及我为其他可能想在 docker 中使用 nginx 和 certbot 的人使用的链接。
docker network create nginxversion: '3.4'
services:
web:
image: nginx:1.14.2-alpine
restart: always
volumes:
- ./public_html:/public_html
- ./conf.d:/etc/nginx/conf.d/
- ./dhparam:/etc/nginx/dhparam
- ./certbot/conf/:/etc/nginx/ssl/
- ./certbot/data:/usr/share/nginx/html/letsencrypt
ports:
- 80:80
- 443:443
networks:
- nginx
certbot:
image: certbot/certbot:latest
volumes:
- ./certbot/conf/:/etc/letsencrypt
- ./certbot/logs/:/var/log/letsencrypt
- ./certbot/data:/usr/share/nginx/html/letsencrypt
networks:
nginx:
external: true
server {
listen 80;
server_name YOUR_DOMAIN;
root /public_html/;
location ~ /.well-known/acme-challenge{
allow all;
root /usr/share/nginx/html/letsencrypt;
}
}
openssl dhparam -out ~/nginx/dhparam/dhparam-2048.pem 2048
docker-compose up --builddocker-compose run certbot certonly --webroot --webroot-path=/usr/share/nginx/html/letsencrypt --email YOUR_EMAIL --agree-tos --no-eff-email -d YOUR_DOMAIN
server {
listen 80;
server_name YOUR_DOMAIN;
location ~ /.well-known/acme-challenge{
allow all;
root /usr/share/nginx/html/letsencrypt;
}
location / {
return 301 https://YOUR_DOMAIN$request_uri;
}
}
server {
listen 443 ssl http2;
server_name YOUR_DOMAIN;
ssl on;
server_tokens off;
ssl_certificate /etc/nginx/ssl/live/YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/YOUR_DOMAIN/privkey.pem;
ssl_dhparam /etc/nginx/dhparam/dhparam-2048.pem;
ssl_buffer_size 8k;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
location / {
proxy_pass http://frontend:3000;
}
}
version: '3'
services:
frontend:
build:
context: ./
environment:
- PORT=3000
- NODE_ENV=production
ports:
- 3000:3000
networks:
- nginx
networks:
nginx:
external: true
我们对流程进行了一些修改,我强烈建议您在使用上述步骤时也做同样的事情。如果需要更多信息,您可以查看下面的链接,这些人救了我:)
| 归档时间: |
|
| 查看次数: |
7253 次 |
| 最近记录: |