我正在尝试使用现有的配置文件初始化容器。我拥有的文件是nginx.conf和ssl.conf。卷配置设置如下:
volumes:
- ./nginxletsencrypt_config:/config
- ./nginxConfig/nginx.conf:/config/nginx/site-confs/default
- ./nginxConfig/ssl.conf:/config/nginx/ssl.conf
此结果是“ default”和ssl.conf文件,它们具有root:root所有者,甚至被标记为可执行文件。如果仅将第一行放进去,然后将nginx.conf和ssl.conf的另外两行注释掉,那么该映像中将包含这两个文件及其默认内容。 完整的docker compose文件为:
version: '2'
services:
nginx:
restart: always
image: linuxserver/letsencrypt
container_name: nginx
ports:
- 443:443
- 80:80
cap_add:
- NET_ADMIN
environment:
- HOST_HOSTNAME=prod
- PUID=1001 # get on dockerhost through command "id <user>"
- PGID=1002
- TZ=Europe/London
- URL=domainname.com
- VALIDATION=http
- EMAIL=contact@email.fr
- STAGING=false
volumes:
- ./nginxletsencrypt_config:/config
- ./nginxConfig/nginx.conf:/config/nginx/site-confs/default
- ./nginxConfig/ssl.conf:/config/nginx/ssl.conf
我使用linuxserver / letsencrypt来获得ssl证书。在手动将nginx.conf内容放入“默认”文件后,我设法运行了所有内容,并且证书和nginx正常工作。 Docker撰写版本
docker-compose version
docker-compose version 1.18.0, build 8dd22a9
docker version
Client:
Version: 17.05.0-ce
API version: 1.29
Go version: go1.7.5
Git commit: 89658be
Built: Thu May 4 22:10:54 2017
OS/Arch: linux/amd64
Server:
Version: 17.05.0-ce
API version: 1.29 (minimum version 1.12)
Go version: go1.7.5
Git commit: 89658be
Built: Thu May 4 22:10:54 2017
OS/Arch: linux/amd64
Experimental: false
============================================
将docker更新到最新版本并在清晰的环境下进行测试(之前未安装较旧的docker)之后:
krasen@test:~$ docker version
Client:
Version: 18.09.7
API version: 1.39
Go version: go1.10.8
Git commit: 2d0083d
Built: Thu Jun 27 17:57:09 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.7
API version: 1.39 (minimum version 1.12)
Go version: go1.10.8
Git commit: 2d0083d
Built: Thu Jun 27 17:23:02 2019
OS/Arch: linux/amd64
Experimental: false
krasen@test:~/test$ pwd
/home/krasen/test
krasen@test:~/test$ cat docker-compose.yml
version: '2'
services:
nginx:
restart: always
image: linuxserver/letsencrypt
container_name: nginx
ports:
- 443:443
- 80:80
cap_add:
- NET_ADMIN
environment:
- HOST_HOSTNAME=prod
- PUID=1001 # get on dockerhost through command "id <user>"
- PGID=1002
- TZ=Europe/Paris
- URL=test.net
- VALIDATION=http
- EMAIL=test@test.fr
user: ${CURRENT_UID}
volumes:
- ./nginxletsencrypt_config:/config
- ./nginxConfig/nginx.conf:/config/nginx/site-confs/default
- ./nginxConfig/ssl.conf:/config/nginx/ssl.conf
krasen@test:~/test$ ls
docker-compose.yml Dockerfile nginxConfig nginxletsencrypt_config
krasen@test:~/test$ ls nginxConfig/
nginx.conf ssl.conf
krasen@test:~/test$ ls -la nginxConfig/
total 16
drwxrwxr-x 2 krasen krasen 4096 Jul 8 09:06 .
drwxrwxr-x 4 krasen krasen 4096 Jul 8 09:09 ..
-rw-rw-r-- 1 krasen krasen 1500 Jul 8 09:06 nginx.conf
-rw-rw-r-- 1 krasen krasen 1405 Jul 8 09:06 ssl.conf
krasen@test:~/test$ ls -la nginxletsencrypt_config/
total 48
drwxrwxr-x 11 krasen krasen 4096 Jul 8 09:07 .
drwxrwxr-x 4 krasen krasen 4096 Jul 8 09:09 ..
drwxr-xr-x 2 krasen krasen 4096 Jul 8 09:07 crontabs
-rw-rw-r-- 1 krasen krasen 0 Jul 8 09:07 .directory
drwxr-xr-x 2 krasen krasen 4096 Jul 8 09:07 dns-conf
-rw-r--r-- 1 krasen krasen 204 Jul 8 09:07 donoteditthisfile.conf
drwxr-xr-x 3 krasen krasen 4096 Jul 8 09:07 etc
drwxr-xr-x 4 krasen krasen 4096 Jul 8 09:07 fail2ban
drwxr-xr-x 2 krasen krasen 4096 Jul 8 09:07 keys
drwxr-xr-x 6 krasen krasen 4096 Jul 8 09:07 log
drwxrwxr-x 4 krasen krasen 4096 Jul 8 09:07 nginx
drwxr-xr-x 2 krasen krasen 4096 Jul 8 09:07 php
drwxrwxr-x 2 krasen krasen 4096 Jul 8 09:07 www
krasen@test:~/test$ ls -la nginxletsencrypt_config/nginx/
total 44
drwxrwxr-x 4 krasen krasen 4096 Jul 8 09:07 .
drwxrwxr-x 11 krasen krasen 4096 Jul 8 09:07 ..
-rw-rw-r-- 1 krasen krasen 424 Jul 8 09:07 dhparams.pem
-rw-rw-r-- 1 krasen krasen 4140 Jul 8 09:07 ldap.conf
-rw-rw-r-- 1 krasen krasen 1832 Jul 8 09:07 nginx.conf
-rw-rw-r-- 1 krasen krasen 1019 Jul 8 09:07 proxy.conf
drwxrwxr-x 2 krasen krasen 12288 Jul 8 09:07 proxy-confs
drwxrwxr-x 2 krasen krasen 4096 Jul 8 09:07 site-confs
krasen@test:~/test$ ls -la nginxletsencrypt_config/nginx/site-confs/
total 8
drwxrwxr-x 2 krasen krasen 4096 Jul 8 09:07 .
drwxrwxr-x 4 krasen krasen 4096 Jul 8 09:07 ..
krasen@test:~/test$ docker-compose build
nginx uses an image, skipping
krasen@test:~/test$ docker-compose -f docker-compose.yml up -d
Creating network "test_default" with the default driver
Pulling nginx (linuxserver/letsencrypt:latest)...
latest: Pulling from linuxserver/letsencrypt
2430498be9ad: Pull complete
ab781ac10f2e: Pull complete
365f82032c47: Pull complete
c3805ea8a362: Pull complete
6e0559b48e8a: Pull complete
5ecfcf110062: Pull complete
7aee6d88249e: Pull complete
Digest: sha256:9ad0d0d48a9f7e784569cbecef95b753a87133574140f9e3ee790dc9ee7f3d8a
Status: Downloaded newer image for linuxserver/letsencrypt:latest
Creating nginx ... done
krasen@test:~/test$ ls ./nginxletsencrypt_config/
crontabs/ dns-conf/ etc/ keys/ nginx/ www/
.directory donoteditthisfile.conf fail2ban/ log/ php/
krasen@test:~/test$ ls ./nginxletsencrypt_config/nginx/
dhparams.pem ldap.conf nginx.conf proxy.conf proxy-confs site-confs ssl.conf
krasen@test:~/test$ ls -la ./nginxletsencrypt_config/nginx/
total 44
drwxrwxr-x 4 krasen krasen 4096 Jul 8 09:12 .
drwxrwxr-x 11 krasen krasen 4096 Jul 8 09:07 ..
-rw-rw-r-- 1 krasen krasen 424 Jul 8 09:07 dhparams.pem
-rw-rw-r-- 1 krasen krasen 4140 Jul 8 09:07 ldap.conf
-rw-rw-r-- 1 krasen krasen 1832 Jul 8 09:07 nginx.conf
-rw-rw-r-- 1 krasen krasen 1019 Jul 8 09:07 proxy.conf
drwxrwxr-x 2 krasen krasen 12288 Jul 8 09:07 proxy-confs
drwxrwxr-x 2 krasen krasen 4096 Jul 8 09:12 site-confs
-rwxr-xr-x 1 root root 0 Jul 8 09:12 ssl.conf
krasen@test:~/test$ cat ./nginxletsencrypt_config/nginx/ssl.conf
krasen@test:~/test$ cat ./nginxConfig/ssl.conf
## Version 2018/05/31 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/ssl.conf
# session settings
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# Diffie-Hellman parameter for DHE cipher suites
ssl_dhparam /config/nginx/dhparams.pem;
# ssl certs
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
# protocols
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers '............................................................................................................................................................';
# HSTS, remove # from the line below to enable HSTS
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
krasen@test:~/test$
这里的用户:$ {CURRENT_UID}是1001:1002,但是有了这个,如果没有这个,在〜/ test / nginxletsencrypt_config / nginx目录中运行“ sudo cat ssl.conf”后,ssl.conf文件是空文件。 / p>
=================新编辑
我看到了nginx的日志,并且有这个
nginx | nginx: [emerg] host not found in upstream "web:8000" in /config/nginx/site-confs/default:2
表示“默认”文件不为空。然后文件被复制。但是为什么我不能用
列出它cat ./nginxletsencrypt_config/nginx/site-confs/default
或
sudo cat ./nginxletsencrypt_config/nginx/site-confs/default
答案 0 :(得分:2)
所以我能够重现您的问题
$ cat nginxletsencrypt_config/nginx/site-confs/default
$ ls -ialh nginxletsencrypt_config/nginx/site-confs/default
23518410 -rwxr-xr-x 1 tarunlalwani staff 0B Jul 9 12:37 nginxletsencrypt_config/nginx/site-confs/default
$ ls -ialh nginxConfig/nginx.conf
23492731 -rw-rw-r--@ 1 tarunlalwani staff 22B Jul 8 13:14 nginxConfig/nginx.conf
$ docker-compose exec nginx sh
root@9d6d58328d33:/# ls -alhi config/nginx/site-confs/default
23492731 -rw-rw-r-- 1 abc abc 22 Jul 8 08:44 config/nginx/site-confs/default
root@9d6d58328d33:/#
您可以看到inodes中的nginxletsencrypt_config有所不同,因此它是一个空白文件。我的直觉是因为容器中文件系统的层数。
这是Docker中的错误吗?可能是的,或者这可能是一个特例,需要对它发生的原因有更深入的了解