This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Still unclear on https and separately port mapping containers #285
Comments
Alexander-Krause-Glau
pushed a commit
to Alexander-Krause-Glau/rpi-docker-nginx-proxy
that referenced
this issue
Mar 30, 2018
Add Travis CI automated testing
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New at the docker port mapping and https concepts and grubbing around like a blind truffle pig at the solution for this. Think I am co-mingling theories too.
I was under the general impression that nginx acting as the reverse proxy should be where SSL termination occurs? The creator of this code, many on the github issues discussion and elsewhere are talking of additional certs at the container level. Also notable is the second container I am launching (described below) creates its own certs at docker run time.
Trying to install onlyoffice's (3 docker containers) office suite which includes:
document manager
mail server
team collaboration app which pulls in the other two.
http://helpcenter.onlyoffice.com/server/docker/community/docker-installation.aspx
On a Linode VPS, after setting up DNS and allowing changes to filter through, launched nginx-proxy after creating self signed certs and pointing to them
docker run -d -p 80:80 -p 443:443 --restart='always' -e DEFAULT_HOST=www.foo.asia -v /home/misc_certs:/etc/nginx/certs -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
I get #502 bad gateway on the default host of www.foo.asia and foo.asia even though I set the former in the docker run command. Also tried "https://" versions of. I assume I should get the nginx welcome page here?
Have tried keeping the ports for the onlyoffice containers the same as recommended but they clash (with something, maybe a logging app) so I remapped them.
Launching the document manager with no SSL at the container level works for the subdomain docs.foo.com (a test subdomain).
docker run -e VIRTUAL_HOST=docs.foo.asia -i -t -d -p 8080:80 onlyoffice/documentserver
Launching the mail server appears to work when I remap the ports since the original ones are bound already, at least one is so I changed them all. But I get a #502 error when trying to reach mail.foo.asia.
docker run --privileged -e VIRTUAL_HOST=mail.foo.asia -e VIRTUAL_PROTO=https -i -t -d -p 26:25 -p 144:143 -p 588:587 \
-v /opt/docker/Data:/etc/pki/tls/mailserver -h mail.foo.asia onlyoffice/mailserver
Haven't gotten to the final container yet since my first attempt at docker-compose.yml building gives me an MySQL error. So I decided to build piece by piece.
Appreciate any insights. I guess my two big pain points are use of certs at the container level and port mapping when 80 and 443 (or any other ports) are already bound. Do I map internal container ports to non-standard external ones and is there a standard practice on choosing them?
The text was updated successfully, but these errors were encountered: