Yacht (or docker-anything) via SSL

  • Hello,

    On almost all services there is option to turn on SSL, everything was working perfectly when ssl was off

    after adding certificate there is problem with Yacht - it has no option to attach ssl and still serving via http on its port

    somehow chrome is forcing https for this domain now and is trying as much as possible to run everything via https resulting SSL PROTOCOL ERROR

    on bash I can see that portainer is serving via conmon, yacht is served with docker-proxy


    Is there any front balancer that I can configure now to load yacht with omv ssl cert?

    Can I somehow attach ssl to yacht too? What about any future docker images? i expect every http service on docker should eventually run with omv cert on some port.

  • If you're doing this to connect...

    Code
    https://123.4.5.678/blah

    ... then you probably want to read about reverse proxies in nginx or apache. I know there is a basic web server container called "SWAG" https://docs.linuxserver.io/general/swag that will cover everything coming from whatever IP.


    If you're using SSL per application/program like per e-mail domain, then you'll have to RTFM the specific programs options and issue a cert for each. Assuming you're using Let's Encrypt, these should help https://certbot.eff.org/ or https://github.com/dehydrated-io/dehydrated

  • If you're doing this to connect...

    Code
    https://123.4.5.678/blah

    ... then you probably want to read about reverse proxies in nginx or apache. I know there is a basic web server container called "SWAG" https://docs.linuxserver.io/general/swag that will cover everything coming from whatever IP.


    If you're using SSL per application/program like per e-mail domain, then you'll have to RTFM the specific programs options and issue a cert for each. Assuming you're using Let's Encrypt, these should help https://certbot.eff.org/ or https://github.com/dehydrated-io/dehydrated


    For now I rather expect that I'll be doing something like this:

    Code
    http(s)://192.168.1.50:8123/

    Just running some services and exposing them with omv imported ssl certificate (which is one from my CA = trusted).

    Everything on one internal IP, different services on different ports.

    For now omv itself as well as portainer can use this configuration - allowing to use configured certificate for those two services. I just would like to see yacht as well as any other docker service on other ports.


    Reverse proxies is one step ahead. Of course I'll configure that later, using my current setup (which is traefik + cert-manager). This will automatically configure DNS entries, get needed certificate and allows communication with one of my domains. For everything here I need port to talk with and this is why I asked how to configure those.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!