Grafana and InfluxDB in Docker | Table of Contents | Setup Grafana |
---|
Run
sudo docker compose up
to start the Nginx, try the server is ok.
Use the
volumes
feature of Docker. Map the folder located at/etc/nginx/conf.d/
from the docker container to a folder located at./volume/nginx/conf/
on local machine. Every file add, remove or update into this folder locally will be updated into the container.
If you wish to adapt the default configuration, use something like the following to copy it from a running nginx container:
And add the following configuration file into your ./nginx/conf/ local folder. Do not forget to update using your own data.
Now reload nginx by doing a rough
sudo docker compose restart
or if want to avoid service interruptions (even for a couple of seconds) reload it inside the container usingsudo docker compose exec webserver nginx -s reload
.
Use the docker image for certbot and add it as a service to Docker Compose project.
Might have noticed they have declared the same volume. It is meant to make them communicate together.
Certbot will write its files into
./certbot/www/
and nginx will serve them on port 80 to every user asking for/.well-know/acme-challenge/.
That's how Certbot can authenticate our server.
Now test that everything is working by running
sudo docker compose run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ --dry-run -d example.org
. Should get a success message like "The dry run was successful".
Restart container using
sudo docker compose restart
. Nginx should now have access to the folder where Certbot creates certificates.
However, this folder is empty right now. Re-run Certbot without the
--dry-run
flag to fill the folder with certificates:
Since have those certificates, the piece left is the 443 configuration on nginx.
Reloading the nginx server now will make it able to handle secure connection using HTTPS. Nginx is using the certificates and private keys from the Certbot volumes.
Since have this Docker environment in place, it is easier than ever to renew the Let's Encrypt certificates!
This small "renew" command is enough to let your system work as expected. Just have to run it once every three months.
Find this document incomplete? Leave a comment!
Grafana
Docker
Nginx
Certbot
Let's encrypt
Grafana and InfluxDB in Docker | Table of Contents | Setup Grafana |
---|