I am currently working to set up Docker in order to deploy the website I created. However, I’m stuck at the level of configuring HTTPS with Nginx and Certbot.
Here is everything I did:
- Bought a domain name on OVH Cloud and added an A entry in the DNS pointing to my local Windows machine (on which I run the containers to test if the website is working)
- Created the docker-compose.yml file with the following content:
```yaml
services:
  mysql_database:
    build: ./database
    environment:
      MYSQL_ROOT_PASSWORD: test
      MYSQL_DATABASE: ranking
    ports:
      - 3316:3306
  flask-api:
    build: ./server
    environment:
      MYSQL_HOST: mysql_database
      MYSQL_PORT: 3306
      MYSQL_DATABASE: ranking
      MYSQL_USER: root
      MYSQL_PASSWORD: test
      DEBUG: False
      SMASHGG_API_KEY: 1132567b3267
    depends_on:
      - mysql_database
  frontend:
    build: ./client
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./certbot/www/:/var/www/certbot/:ro
      - ./certbot/conf/:/etc/nginx/ssl/:ro
    depends_on:
      - flask-api
  certbot:
    image: certbot/certbot:latest
    volumes:
      - ./certbot/www/:/var/www/certbot/:rw
      - ./certbot/conf/:/ect/letsencrypt/:rw
```
- Where the frontend service is built using this Dockerfile:
```dockerfile
# Use a base Nginx image
FROM nginx:latest
# Remove the default Nginx configuration file
RUN rm /etc/nginx/conf.d/default.conf
# Copy the custom configuration file
COPY nginx.conf /etc/nginx/conf.d
# Copy the Vue.js build files into the Nginx hosting directory
COPY dist/ /usr/share/nginx/html
# Expose port 80 for the web server
EXPOSE 80
```
- And the nginx.conf file is this one:
```nginx
events {
    worker_connections 1024;
}
http {
    server {
        listen 80;
        server_name seeding.gg www.seeding.gg;
        location /.well-known/acme-challenge/ {
            root /var/www/certbot;
        }
        location / {
            return 301 https://$host$request_uri;
        }
    }
    server {
        listen 443 ssl;
        server_name seeding.gg www.seeding.gg;
        ssl_certificate /etc/nginx/ssl/live/seeding.gg/fullchain.pem;
        ssl_certificate_key /etc/nginx/ssl/live/seeding.gg/privkey.pem;
        location / {
            root /usr/share/nginx/html;
            index index.html;
            try_files $uri $uri/ /index.html;
        }
        location /api/ {
            proxy_pass http://flask-api:5000/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}
```
- Created a folder named certbot that contains 2 folders named conf and www that are currently empty (for the volumes)
- Added 1 inbound rule to my firewall for ports 80 and 443
- Added 1 outbound rule to my firewall for ports 80 and 443
However, when I run the command
```
docker compose run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ -d www.seeding.gg
```
to get the certificates, I get the following error:
```
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: www.seeding.gg
  Type:   dns
  Detail: no valid A records found for www.seeding.gg; no valid AAAA records found for www.seeding.gg

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
```
Could you help me with this issue please?
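
Added example, not part of the original post: the error above is a `Type: dns` failure, so the CA never reached Nginx. This sketch checks, before running Certbot, that every name passed to `-d` has an A/AAAA record and that the record is an address reachable from the internet. The names `resolve`, `preflight`, `sample_resolver`, `SAMPLE_ZONE` and `home.example` are hypothetical, and the sample records are constructed, not lookup results for the real domain.

```python
import ipaddress
import socket

# Constructed sample records for the demo and test; NOT real lookup results.
SAMPLE_ZONE = {
    "seeding.gg": {"8.8.8.8"},          # stand-in for any public address
    "home.example": {"192.168.1.20"},   # hypothetical name on a LAN address
}


def sample_resolver(name):
    """Offline resolver backed by SAMPLE_ZONE."""
    return SAMPLE_ZONE.get(name, set())


def resolve(name):
    """A/AAAA addresses from the local resolver (the CA's view may differ)."""
    try:
        infos = socket.getaddrinfo(name, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    # Drop any IPv6 zone suffix such as "%eth0" before parsing.
    return {info[4][0].split("%")[0] for info in infos}


def preflight(names, resolver=resolve):
    """Map each name to a list of problems; an empty list means none found."""
    report = {}
    for name in names:
        addrs = resolver(name)
        problems = [] if addrs else ["no A/AAAA record"]
        for addr in sorted(addrs):
            # The CA connects from the internet, so LAN/loopback targets fail.
            if not ipaddress.ip_address(addr).is_global:
                problems.append(f"{addr} is not publicly routable")
        report[name] = problems
    return report


if __name__ == "__main__":
    names = ["seeding.gg", "www.seeding.gg", "home.example"]
    for name, problems in preflight(names, sample_resolver).items():
        print(name, "->", "; ".join(problems) or "ok")
```

Calling `preflight(["seeding.gg", "www.seeding.gg"])` without a second argument uses the machine's own resolver, which can return cached or split-horizon answers that differ from what the CA sees.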