docker - NGINX代理+让我们加密

时间:2017-07-05 18:07:32

标签: nginx docker proxy docker-compose lets-encrypt

我从Docker开始。一开始我想在nginx上使用代理和SSL设置简单的服务器(只在我的机器上本地)所以我做这样的事情:

version: '2'
services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./certs:/etc/nginx/certs:ro
      - /etc/nginx/vhost.d
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - /usr/share/nginx/html
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true

  nginx-proxy-ssl:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nginx-proxy-ssl
    volumes:
      - ./certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    volumes_from:
      - nginx-proxy

  whoami2:
    image: jwilder/whoami
    container_name: whoami2
    environment:
      - VIRTUAL_HOST=vertex.local.com
      - LETSENCRYPT_HOST=vertex.local.com
      - LETSENCRYPT_EMAIL=contact@vertex.local.com

networks:
  default:
    external:
      name: developer

在标准HTTP上,everythink很好,我正在获取网站,但让加密返回错误:

 Unable to reach http://vertex.local.com/.well-known/acme-challenge/zr0QPZ53RHLRFKy76GX1NKx3lY4GPIaVorH4PT88_Ew: HTTPConnectionPool(host='vertex.local.com', port=80): Max retries exceeded with url: /.well-known/acme-challenge/zr0QPZ53RHLRFKy76GX1NKx3lY4GPIaVorH4PT88_Ew (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7ff41fd2e550>: Failed to establish a new connection: [Errno 111] Connection refused',))

所以我有疑问:

  • 对于Docker(甚至本地)我需要设置真实的现有域名?如果是真的,我应该如何设置我的域(在提供者站点 - 记录等)和本地机器上?
    或者我如何将SSL设置到我的容器中?

0 个答案:

没有答案