Skip to content
This repository has been archived by the owner on Jun 5, 2024. It is now read-only.

Add docker production configuration #37

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add docker production configuration #37

wants to merge 1 commit into from

Conversation

salquier
Copy link

Hi @inoda

I added configurations to run the server in production mode behind a proxy with docker as discussed in my previous PR.

@inoda
Copy link
Owner

inoda commented Oct 12, 2020

@luketainton If you have time, would you mind doing another docker test on the changes in this PR?

@luketainton
Copy link

@luketainton If you have time, would you mind doing another docker test on the changes in this PR?

Hey @salquier - sorry it's taken me a couple of days to do this. This looks good but the only issue I found was that the proxy dies if it can't find a certificate, but I guess that could be by design if this container is going to be internet facing.

ontrack-proxy | 20-envsubst-on-templates.sh: Running envsubst on /etc/nginx/templates/nginx.conf.template to /etc/nginx/conf.d/nginx.conf
ontrack-proxy | /docker-entrypoint.sh: Configuration complete; ready for start up
ontrack-proxy | 2020/10/17 11:14:29 [emerg] 1#1: cannot load certificate "/etc/letsencrypt/live/localhost/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/localhost/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
ontrack-proxy | nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/localhost/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/localhost/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
ontrack-proxy exited with code 1

In my personal setup I use Traefik as my frontend so I wouldn't use the proxy - I'd have Traefik go directly to the app container.

Other than that, this is really good :)

@salquier
Copy link
Author

No problem @luketainton

Yeah, this is a known problem. As workaround you can create empty files but the best is to generate the certificates before running nginx.

I've done this as I usually do but I'll take a look at traefik to see if it can give a simpler configuration than with nginx.

@inoda
Copy link
Owner

inoda commented Oct 24, 2020

@salquier is this ready to merge or are you still looking into traefik?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@salquier @inoda @luketainton