Does anyone know how to install Letsencrypt on a Docker container with non-standard port (port 444)?
Letsencrypt and Nextcloud
-
-
Thank you for bringing this up. That exactly solved my problem of changing the nextcloud port to a custom port.
Maybe I should mention here a bit more precisely how to do it:
1. Add this to your config.php of nextcloud:
Where 444 is the port of your letsencrypt docker for https. In the original howto this port is where you forward your traffic from external access on 443 to (443 -> 444).
2. Add a rule in your router config to forward 444 external (WAN) to 444 internal (LAN).
Of course you do not need the 443 to 444 rule anymore afterwards.
This is how I got it running here now.
Nextcloud with Letsencrypt using OMV and docker-compose - Q&A
-
thanks. I will try this.
I also have trouble generating my letsencrypt certificate. I always get the error message:
waiting for verification...
Challenge failed for domain mydomain.xyz
Cleaning up challenges
Challenges failed for all domains
Have you seen this? Any ideas?
-
-
Check your port forwarding for port 80. Letsencrypt needs port 80.
-
thanks - port 80 is open
-
so forwarded in the router from WAN to LAN. Also in docker from LAN to container?
-
Forwarded from WAN to LAN (OMV server): yes
I am generating the certificate with letsencrypt for the OMV server first (not even considering Docker for now).
This throws the error message.
-
Ah, OMV4 with letsencrypt plugin - I am out, sorry.
But I think there is a long letsencrypt plugin thread in the forum.
-
ok will check - thanks
-
According to the OMV 4.x docs (which respectively appear identical to 5.x):
Quote
Couldn't you just create the certs with docker (or the shell preferably) and put them in the above? I'm brand new to docker and the linuxserver/letsencrypt container is awesome, but you don't have to use it. This will explain how to generate a cert on your OMV box independently without docker: https://certbot.eff.org/instructions. However, I'm not sure about letting it autoconfig your nginx or whatever OMV runs, but still you can generate the keys without doing that, it's pretty basic *AND* if even I can do it on a desktop... :-).
BTW, I completely understand why you're doing this and will be doing this _VERY_ soon. I'm learning to use Docker Swarm and to my beginner eyes, it seems easier this way with multiple remote OMV boxes from the remote maintenance side of things. In fact, I'm having a hard time seeing why you'd want the Docker container to have the certs while leaving OMV without them, but again I'm new.
But otherwise, wouldn't this simply be monson's quote up there with -p 443:444 or without that directive just -p 444:443? Maybe the reasoning you need to change ports would help suggestions.
-
I have managed to create the certificate in OMV via the plugin. It all hinges on providing the right webroot directory (which is nowhere explained). Letsencrypt will not work if that directory points to the incorrect folder. So I have the certificate working in OMV (but Apple devices still don't like the certificate).
Anyway, now I will try to get the docker container to work with the certificate. The container runs Nextcloud and my port redirection to 444 is necessary to be able to access OMV (via 443) and Docker-Nextcloud (via 444) since they both sit on the same server.
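The webroot dependency described in this post can be checked before requesting a certificate. The following is an added example, not part of the thread and not code from OMV, the plugin or certbot: it drops a random probe file under `.well-known/acme-challenge/` in a candidate webroot and fetches it over HTTP, which is what the HTTP-01 validation does on port 80. The function names and the local test server are assumptions made for the demonstration.

```python
import functools, http.server, secrets, tempfile, threading
import urllib.error, urllib.request
from pathlib import Path

CHALLENGE_DIR = ".well-known/acme-challenge"  # fixed HTTP-01 path (RFC 8555)

def webroot_serves_challenge(webroot, base_url):
    """Write a random probe under webroot and try to fetch it via base_url."""
    token = secrets.token_urlsafe(16)
    probe_dir = Path(webroot) / CHALLENGE_DIR
    probe_dir.mkdir(parents=True, exist_ok=True)
    probe = probe_dir / f"probe-{token}"
    probe.write_text(token)
    try:
        url = f"{base_url}/{CHALLENGE_DIR}/{probe.name}"
        with urllib.request.urlopen(url, timeout=5) as resp:
            return resp.status == 200 and resp.read().decode().strip() == token
    except (urllib.error.URLError, OSError):
        # 404 (wrong webroot), refused connection or timeout (port 80 not reachable)
        return False
    finally:
        probe.unlink()

class QuietHandler(http.server.SimpleHTTPRequestHandler):
    def log_message(self, *args):  # keep the demo output clean
        pass

def serve(directory):
    """Hypothetical stand-in for the web server: serves `directory` on a free local port."""
    handler = functools.partial(QuietHandler, directory=str(directory))
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}"

def demo():
    """Constructed scenario: the server serves `real`; `wrong` is a mistyped webroot."""
    with tempfile.TemporaryDirectory() as real, tempfile.TemporaryDirectory() as wrong:
        srv, url = serve(real)
        try:
            return (webroot_serves_challenge(real, url),
                    webroot_serves_challenge(wrong, url))
        finally:
            srv.shutdown()
            srv.server_close()

if __name__ == "__main__":
    print(demo())
```

On a real server, call `webroot_serves_challenge()` with the webroot entered in the plugin and `http://` plus the public domain as `base_url`. Running it from inside the LAN tests only the webroot, so the WAN-to-LAN forwarding of port 80 still has to be confirmed from outside the network.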
-
Why do you want to install letsencrypt docker when you generate the certificates elsewhere and also don’t seem to intend to use the inbuilt reverse proxy?
-
You are exactly right. That's why I do not want to install Letsencrypt docker. I have created a Letsencrypt certificate using the plugin and I want to import this certificate into the Docker container that runs Nextcloud. This Nextcloud container is already up and running. Any idea how to import this and utilise it inside?
-
Unless it's a wildcard cert, or explicitly for your nextcloud subdomain, that won't work.
PS: Wildcard certs only work via DNS Challenge.
Greetings
David
-
Nextcloud runs on the same domain as OMV. They are both just separated via the port number.
Would that certificate work if I import it into Docker-Nextcloud?
-
If it's the same domain name it could work just fine.
Greetings
David
-
ok thank you for your tips