Can't manage to use SSL with Docker
Posted: January 19th, 2022, 3:06 pm
Since I am quite familiar with docker and SSL I was really shocked that I could not manage to configurate SSL on SABnzbd.
What I normaly do is:
Since I have these 4 files
Also is it possible to JUST map the files into the container (like at all other docker containers) and if no, why not? Is there a good reason for not making it that easy?
EXAMPLE:
All of his containers: github . com/jlesage?tab=repositories
(sorry have to work around the message "New users are not allowed to post links")
handle it like this:
Map your "privkey.pem" to "/config/certs/web-privkey.pem"
Map your "fullchain.pem " to "/config/certs/web-fullchain.pem"
You can do this in your docker-compose.yml like this:
Isn't this 1000 times more easy? These two files there, since they are ":ro" it's also safe since the docker will just be able to read from, not write, execute etc.. Since you map them from "/etc/letsencrypt/live/" and not from "/etc/letsencrypt/archive/" they will automatically update when your LE creates a new cert, which he does all 3 months.
I would love to be able to mapp the SSL Cert in the SABnzbd container like this:
But it does not work, whenever I map something into this container it appears to have root rights and does not work like in any of the other containers.
I'am open for a discussion and would be happy to get some feedback.
P.S.: I' am currently on the latest version 3.4.2 [cc831e1]
What I normaly do is:
- mapping the certs from LE into the correct files in the docker
- correct rights (if necessary)
- start docker
- finished
Since I have these 4 files
- cert.pem
- privkey.pem
- chain.pem
- fullchain.pem
Also is it possible to JUST map the files into the container (like at all other docker containers) and if no, why not? Is there a good reason for not making it that easy?
EXAMPLE:
All of his containers: github . com/jlesage?tab=repositories
(sorry have to work around the message "New users are not allowed to post links")
handle it like this:
Map your "privkey.pem" to "/config/certs/web-privkey.pem"
Map your "fullchain.pem " to "/config/certs/web-fullchain.pem"
You can do this in your docker-compose.yml like this:
Code: Select all
volumes:
- "/etc/letsencrypt/live/DOMAIN/privkey.pem:/config/certs/web-privkey.pem:ro"
- "/etc/letsencrypt/live/DOMAIN/fullchain.pem:/config/certs/web-fullchain.pem:ro"
I would love to be able to mapp the SSL Cert in the SABnzbd container like this:
Code: Select all
volumes:
- "/etc/letsencrypt/live/DOMAIN/privkey.pem:/config/admin/privkey.pem:ro"
- "/etc/letsencrypt/live/DOMAIN/fullchain.pem:/config/admin/fullchain.pem:ro"
I'am open for a discussion and would be happy to get some feedback.
P.S.: I' am currently on the latest version 3.4.2 [cc831e1]