Certbot with Nginx  #105

@diogomiloco

Hello!
I'm currently trying to set up node, postgres, redis, nginx and certbot, and it gives me "unauthorized" when running the certbot container.

Here's my docker-compose.yml file:

nginx:
  build:
    context: ./nginx
    args:
      - WEB_REVERSE_PROXY_PORT=8000
      - WEB_SSL=true
      - SELF_SIGNED=false
      - NO_DEFAULT=false
  volumes:
    - ./data/logs/nginx/:/var/log/nginx
    - ./certbot/certs/:/var/certs
  ports:
    - "80:80"
    - "443:443"
  tty: true
certbot:
  build:
    context: ./certbot
  links:
    - nginx
  volumes:
    - ./certbot/letsencrypt/:/var/www/letsencrypt
    - ./certbot/certs/:/var/certs

And here is the error shown in the terminal when running docker-compose up --build certbot after all the other containers are already running:

certbot_1 | Failed authorization procedure. www.{site_here}.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from www.{site_here}.com/.well-known/acme-challenge/ml7LgtVd-K0DUG99xFYH5NOz_0gZyNd2SQVdJL1c9JM: "
certbot_1 | <titl.e>404 Not Found</titl.e>
certbot_1 |
certbot_1 |

<h.1>404 Not Found</h.1>
certbot_1 |
"
certbot_1 | IMPORTANT NOTES:
certbot_1 | - The following errors were reported by the server:
certbot_1 |
certbot_1 | Domain: www.{site_here}.com
certbot_1 | Type: unauthorized
certbot_1 | Detail: Invalid response from http://www.{site_here}.com/.well-known
certbot_1 | /acme-challenge/ml7LgtVd-K0DUG99xFYH5NOz_0gZyNd2SQVdJL1c9JM:
certbot_1 | "
certbot_1 | <t.itle>404 Not Found</tit.le>
certbot_1 |
certbot_1 | <h.1>404 Not Found</h.1>
certbot_1 |
"
certbot_1 |
certbot_1 | To fix these errors, please make sure that your domain name was
certbot_1 | entered correctly and the DNS A record(s) for that domain
certbot_1 | contain(s) the right IP address.
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/www.{site_here}.com/cert1.pem': No such file or directory
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/www.{site_here}.com/privkey1.pem': No such file or directory

I've omitted the domain, but it's a valid one.

Also, with this failing, Nginx will fail because it can't find the .pem files on nodock/nginx/sites/node-https.template:

# environment variables
# WEB_REVERSE_PROXY_PORT ${WEB_REVERSE_PROXY_PORT}
server {
    listen 443 default_server http2;

    ssl on;
    ssl_certificate /etc/ssl/cert1.pem;
    ssl_certificate_key /etc/ssl/privkey1.pem;

    location / {
        proxy_pass http://node:${WEB_REVERSE_PROXY_PORT};
    }
}

Would it be possible to add a working example and configuration of certbot container running with node?

Thanks a lot!
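
The log above shows the CA receiving a 404 for the http-01 token URL. As an added example (not part of the original issue or the nodock project), this Python check writes a probe file into the directory the ACME client uses as its webroot and fetches it back over HTTP, so the same 404 can be reproduced locally before requesting a certificate. The function name and arguments are this example's own, and webroot mode is an assumption about how the certbot container is run.

```python
import os
import secrets
import sys
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"  # URL path fixed by the http-01 challenge


def preflight_http01(webroot, base_url, timeout=5.0):
    """Write a probe file where an http-01 token would go and fetch it back.

    webroot: directory the ACME client writes challenge files into (assumed
    webroot mode). base_url: how the web server is reached, e.g. "http://host".
    Returns (ok, detail).
    """
    token = "preflight-" + secrets.token_urlsafe(16)
    body = secrets.token_urlsafe(32)
    directory = os.path.join(webroot, *CHALLENGE_DIR.split("/"))
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, token)
    with open(path, "w") as fh:
        fh.write(body)
    url = "%s/%s/%s" % (base_url.rstrip("/"), CHALLENGE_DIR, token)
    # Connect directly and ignore proxy settings, as the CA's validator would.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(url, timeout=timeout) as resp:
            served = resp.read().decode("utf-8", "replace").strip()
    except urllib.error.HTTPError as exc:
        # A 404 here is the failure the CA reported in the log above.
        return False, "HTTP %d from %s" % (exc.code, url)
    except OSError as exc:  # URLError, timeouts, refused connections
        return False, "cannot reach %s: %s" % (url, exc)
    finally:
        os.remove(path)  # never leave probe files behind in the webroot
    if served != body:
        return False, "unexpected content at %s (catch-all page?)" % url
    return True, "probe served correctly at %s" % url


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: preflight.py WEBROOT BASE_URL")
    ok, detail = preflight_http01(sys.argv[1], sys.argv[2])
    print(("OK: " if ok else "FAIL: ") + detail)
    sys.exit(0 if ok else 1)
```

A pass from inside the Docker network only shows that Nginx serves the webroot directory; running it against the public hostname also covers DNS and port 80 reachability.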
