Docker Community Forums

Share and learn in the Docker community.

Nginx Docker for SSL Renewal

This may be more of an nginx question, but I think the problem is related to the docker setup. I’m trying to follow this guide:

I currently have a web server running Apache and serving data on port 80 in one container, inside of a Ubuntu host. I stopped that container and started this setup. I’ve only gotten to the point of getting the initial nginx server up and running. I can access it on my internal ip of the Ubuntu box and my external ipv4 address, but not on my fqdn. I know my fqdn resolves correctly because if I stop the nginx container and start my apache container, the site loads as I expect.

My apache container uses a bridged network, and this guide sets up its own network. Is that the issue? If so, I would expect my external ip not to work either. I installed ping on the docker image and have tested pinging my fqdn, it resolves as I would expect to the proper IP. Thanks for any advice!

EDIT: I should also add that my conf file looks like this:

server {
    listen 80;
    server_name "subdomain.fqdn.com";
    location ~ /.well-known/acme-challenge {
        allow all;
        root /usr/share/nginx/html;
    }

    root /usr/share/nginx/html;
    index index.html;
}

SSH into your server and run the following commands to install Docker on Ubuntu.

Add the GPG key and add the Docker repository from APT sources

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository “deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable”
Update the Ubuntu package database

sudo apt-get update
And finally, install Docker

sudo apt-get install -y docker-ce

I’m not sure what you’re suggesting. I already have Docker installed on Ubuntu.

It’s an annoying bot that typicaly adds more confusion and rarely responds with something usefull. Just ignore it.

I highly doube your nginx.conf is the problem. Since you didn’t share your Dockerfile and entrypoint script, it is impossible to know what’s wrong. Though, why don’t you just use https://hub.docker.com/r/linuxserver/letsencrypt, back in the days it did a nice job for me. Though, these days I would not even bother with nginx as a containerized reverseproxy and go straight to traefik .