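【Published】: 2021-08-31 00:07:53
【Question】:
I currently have a bunch of Docker-based services working over SSL. For local development we just use self-signed certificates, but now we are trying to configure the production deployment.
My current test environment is based on W10, with the containers running inside WSL.
For most of the steps we followed these instructions, and normal HTTP traffic seems to be working, but when I try to make a request over HTTPS I get a "500 Internal Server Error". If I curl from inside the Linux instance, I can see the site being served, but if I try to access it from anywhere else I get the 500 error.
The question is: can I only configure SSL and reconfigure my domain once I am on the final public hosting, or is there a way to test everything locally before moving to prod? And could the self-signed certificate currently in the Apache image be causing any problems?
Edit: From checking the documentation, I now understand that for Let's Encrypt to work I need to use the actual final public DNS and hosting, but I would like to know how to configure it to work locally, or should I just remove the SSL part? I remember there were some requirements in our architecture for using it over SSL, but I am not quite sure now, and locally I need developers to be able to run multiple instances without any problems.
My application Dockerfile is based on this one.
The current docker-compose file is as follows: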
version: '3'
services:
  web:
    build:
      context: ./modxServer
    links:
      - 'db:mysql'
    ports:
      - 443
      - 80
    networks:
      - reverse-proxy
      - back
    environment:
      XDEBUG_SESSION: wtf
      MODX_VERSION: 2.8.1
      MODX_CORE_LOCATION: /var/www/coreM0dXF1L3s
      MODX_DB_HOST: 'mysql:3306'
      MODX_DB_PASSWORD: modx
      MODX_DB_USER: modx
      MODX_DB_NAME: modx
      MODX_TABLE_PREFIX: modx_
      MODX_ADMIN_USER: admin
      MODX_ADMIN_PASSWORD: admin
      MODX_ADMIN_EMAIL: admin@admin.com
      MODX_SERVER_ROUTE: boats.trotalo.com
      VIRTUAL_HOST: boats.trotalo.com
      VIRTUAL_PROTO: https
      VIRTUAL_PORT: 443
      LETSENCRYPT_HOST: boats.trotalo.com
      LETSENCRYPT_EMAIL: camilo.casadiego@trotalo.com
    volumes:
      - '~/development/boatsSupervisionSystem/www:/var/www'
  db:
    image: 'mysql:8.0.22'
    networks:
      - back
    environment:
      MYSQL_ROOT_PASSWORD: mysql
      MYSQL_DATABASE: modx
      MYSQL_USER: modx
      MYSQL_PASSWORD: modx
    ports:
      - 3306
    command: --default-authentication-plugin=mysql_native_password
    volumes:
      - '~/development/boatsSupervisionSystem/mysql:/var/lib/mysql'
networks:
  reverse-proxy:
    external:
      name: reverse-proxy
  back:
    driver: bridge
Currently, the only meaningful logs I get are from Let's Encrypt:
021/08/31 00:09:46 [notice] 175#175: signal process started
Creating/renewal boats.trotalo.com certificates... (boats.trotalo.com)
[Tue Aug 31 00:09:46 UTC 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Tue Aug 31 00:09:46 UTC 2021] Creating domain key
[Tue Aug 31 00:09:47 UTC 2021] The domain key is here: /etc/acme.sh/camilo.casadiego@trotalo.com/boats.trotalo.com/boats.trotalo.com.key
[Tue Aug 31 00:09:47 UTC 2021] Single domain='boats.trotalo.com'
[Tue Aug 31 00:09:47 UTC 2021] Getting domain auth token for each domain
[Tue Aug 31 00:09:49 UTC 2021] Getting webroot for domain='boats.trotalo.com'
[Tue Aug 31 00:09:49 UTC 2021] Verifying: boats.trotalo.com
2021/08/31 00:09:25 Generated '/app/letsencrypt_service_data' from 2 containers
2021/08/31 00:09:25 Running '/app/signal_le_service'
2021/08/31 00:09:25 Watching docker events
2021/08/31 00:09:25 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
2021/08/31 00:09:37 Received event start for container 7e0b47af1ddc
2021/08/31 00:09:37 Received event start for container 283bb4ebec51
2021/08/31 00:09:42 Debounce minTimer fired
2021/08/31 00:09:42 Generated '/app/letsencrypt_service_data' from 4 containers
2021/08/31 00:09:42 Running '/app/signal_le_service'
[Tue Aug 31 00:09:53 UTC 2021] boats.trotalo.com:Verify error:DNS problem: NXDOMAIN looking up A for boats.trotalo.com - check that a DNS record exists for this domain
[Tue Aug 31 00:09:53 UTC 2021] Please check log file for more details: /dev/null
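The validation failure in the log above, triaged in code. This is an added example, not part of the original post: the `triage` and `classify` functions and the category names are hypothetical, and the sample lines are constructed in the format of the log shown above.

```python
import re

# Constructed sample in the format of the log above: a docker-gen line mixed
# with acme.sh lines, one of which reports a failed domain validation.
SAMPLE_LOG = """\
2021/08/31 00:09:42 Running '/app/signal_le_service'
[Tue Aug 31 00:09:49 UTC 2021] Verifying: boats.trotalo.com
[Tue Aug 31 00:09:53 UTC 2021] boats.trotalo.com:Verify error:DNS problem: NXDOMAIN looking up A for boats.trotalo.com - check that a DNS record exists for this domain
[Tue Aug 31 00:09:53 UTC 2021] Please check log file for more details: /dev/null
"""

# acme.sh failure line: "[timestamp] <domain>:Verify error:<detail>"
VERIFY_ERROR = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\s+(?P<domain>[^\s:]+):Verify error:\s*(?P<detail>.+)$"
)

def classify(detail):
    """Map the CA's error text to a hypothetical triage category."""
    if "NXDOMAIN" in detail:
        # The CA's resolver found no record: the name is not in public DNS,
        # so validation cannot pass from a local-only environment.
        return "no-public-dns-record"
    if detail.startswith("DNS problem"):
        return "other-dns-failure"
    return "non-dns-validation-failure"

def triage(log_text):
    """Return one finding per failed validation found in the log text."""
    findings = []
    for line in log_text.splitlines():
        match = VERIFY_ERROR.match(line.strip())
        if match:
            findings.append({
                "time": match["ts"],
                "domain": match["domain"],
                "category": classify(match["detail"]),
                "detail": match["detail"],
            })
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f'{finding["time"]}  {finding["domain"]}: {finding["category"]}')
```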
【Discussion】: