Docker Community Forums

Share and learn in the Docker community.

Nginx fails to start inside container

Nginx fails to start inside container because of missing SSL certificate on new docker-compose install.
PS: SSL certificates resides in the mentioned path.
Looking for solution.
Thanks

@mustafa69, you’ll need to provide more details… can you provide your config, and Dockerfile?

Thanks @paullj1 for your response.
Here is docker-compose file.

version: ‘2’

services:
nginx:

image: nginx
volumes:
  - ./nginx.conf:/etc/nginx/nginx.conf
  - ./sites-available:/etc/nginx/sites-available
  - ./sites-enabled:/etc/nginx/sites-enabled
  - ./etc/letsencrypt/live:/etc/letsencrypt/live 
  - ./index.html:/home/f/embed/index.html       
ports:
  - 80:80
  - 443:443        
restart: unless-stopped    
depends_on:
  - app                        

mongo:
container_name: mongos
image: mongo
ports:
- ‘27017:27017’
app:
container_name: formioapp
restart: always
build: .
environment:
- env_tenantName=abc.com
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./sites-available:/etc/nginx/sites-available
- ./sites-enabled:/etc/nginx/sites-enabled
- ./etc/letsencrypt/live:/etc/letsencrypt/live
- /var/run/docker.sock:/var/run/docker.sock

  ports:
    - '3001:3001'     
  depends_on:
    - mongo

volumes:
nginx.conf:
sites-available:
sites-enabled:
letsencrypt:
etc:

Okay, so there’s a lot to unpack here. The biggest thing that I see is that Let’s Encrypt actually creates symbolic links in it’s “Live” directory to the actual certificates in it’s “Archive” directory. So if the syntax that you’re using to mount your volume inside the container actually works, then you’re mounting a directory with a bunch of symbolic links that point to non-existent certificates once inside the container. Does that make sense?

So on your host, if you “ls -al” inside the live directory, you probably see something like this:
/etc/letsencrypt/live/abc.com/cert.pem -> …/…/archive/abc.com/cert.pem

Inside the container, “…/…/archive” doesn’t exist, so nginx is telling the truth.

2 Likes

@paullj1 ou are absolutely right and this is what I was thinking about but please let me know the solution of this issue how can I get rid of it.
Many thanks

Well, one option would be to mount the entire “/etc/letsencrypt” directory inside your container.

1 Like