Nginx fails to start inside container because of missing SSL certificate on new docker-compose install.
PS: SSL certificates resides in the mentioned path.
Looking for solution.
Thanks
Thanks @paullj1 for your response.
Here is docker-compose file.
version: ‘2’
services:
nginx:
image: nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./sites-available:/etc/nginx/sites-available
- ./sites-enabled:/etc/nginx/sites-enabled
- ./etc/letsencrypt/live:/etc/letsencrypt/live
- ./index.html:/home/f/embed/index.html
ports:
- 80:80
- 443:443
restart: unless-stopped
depends_on:
- app
mongo:
container_name: mongos
image: mongo
ports:
- ‘27017:27017’
app:
container_name: formioapp
restart: always
build: .
environment:
- env_tenantName=abc.com
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./sites-available:/etc/nginx/sites-available
- ./sites-enabled:/etc/nginx/sites-enabled
- ./etc/letsencrypt/live:/etc/letsencrypt/live
- /var/run/docker.sock:/var/run/docker.sock
ports:
- '3001:3001'
depends_on:
- mongo
volumes:
nginx.conf:
sites-available:
sites-enabled:
letsencrypt:
etc:
Okay, so there’s a lot to unpack here. The biggest thing that I see is that Let’s Encrypt actually creates symbolic links in it’s “Live” directory to the actual certificates in it’s “Archive” directory. So if the syntax that you’re using to mount your volume inside the container actually works, then you’re mounting a directory with a bunch of symbolic links that point to non-existent certificates once inside the container. Does that make sense?
So on your host, if you “ls -al” inside the live directory, you probably see something like this:
/etc/letsencrypt/live/abc.com/cert.pem -> …/…/archive/abc.com/cert.pem
Inside the container, “…/…/archive” doesn’t exist, so nginx is telling the truth.
2 Likes
@paullj1 ou are absolutely right and this is what I was thinking about but please let me know the solution of this issue how can I get rid of it.
Many thanks
Well, one option would be to mount the entire “/etc/letsencrypt” directory inside your container.
1 Like