Unable to connect using SSL
boujrafh opened this issue · 3 comments
boujrafh commented
Hello @sameersbn ,
Great job you did.
Unfortunately, I was unable to use SSL.
I have an OVH domain and therefore I created my own certificates.
==> fullchain.pem which I renamed .CRT
==> privkey.key which I renamed .key
==> and I generated dhparam.pem certificate
I used the example from your docker-compose-ssl.yml unfortunately I can only access url through port 10083 but not using 10445.
Could you help me understand my error please?
And the last question : how to add my domain on the docker-compose.yml file
version: '2'
services:
postgresql:
image: sameersbn/postgresql:9.6-4
environment:
- DB_USER=redmine
- DB_PASS=xxxxxxxxxxxxxxxxxx
- DB_NAME=redmine_production
volumes:
- /srv/docker/redmine/postgresql:/var/lib/postgresql
redmine:
build: ./
image: sameersbn/redmine:4.2.3-1
depends_on:
- postgresql
environment:
- TZ=Europe/Brussels
- DB_ADAPTER=postgresql
- DB_HOST=postgresql
- DB_PORT=5432
- DB_USER=redmine
- DB_PASS=xxxxxxxxxxxxx
- DB_NAME=redmine_production
- DB_SSL_MODE=prefer
- REDMINE_PORT=10445
- REDMINE_HTTPS=true
# Defaults for ssl path. Please read https://github.com/sameersbn/docker-redmine#ssl
- SSL_KEY_PATH=/home/redmine/data/certs/services.xxxxxxxx.ovh.key
- SSL_CERTIFICATE_PATH=/home/redmine/data/certs/services.xxxxxxxxxx.ovh.crt
- SSL_DHPARAM_PATH=/home/redmine/data/certs/dhparam.pem
- REDMINE_RELATIVE_URL_ROOT=
- REDMINE_SECRET_TOKEN=
- REDMINE_SUDO_MODE_ENABLED=false
- REDMINE_SUDO_MODE_TIMEOUT=15
- REDMINE_CONCURRENT_UPLOADS=2
- REDMINE_BACKUP_SCHEDULE=daily
- REDMINE_BACKUP_EXPIRY=604800
- REDMINE_BACKUP_TIME=04:00
- SMTP_ENABLED=true
- SMTP_METHOD=smtp
- SMTP_DOMAIN=smtp.gmail.com
- SMTP_HOST=smtp.gmail.com
- SMTP_PORT=587
- SMTP_USER=services.xxxxxxxxxxx@gmail.com
- SMTP_PASS=eywgwbjprygyjsim
- SMTP_STARTTLS=true
- SMTP_AUTHENTICATION=:login
- IMAP_ENABLED=true
- IMAP_HOST=imap.gmail.com
- IMAP_PORT=993
- IMAP_USER=services.xxxxxxx@gmail.com
- IMAP_PASS=xxxxxxxxxx
- IMAP_SSL=true
- IMAP_INTERVAL=30
ports:
- "10083:80"
- "10445:443"
- "587:587"
- "993:993"
volumes:
- /srv/docker/redmine/redmine:/home/redmine/data
- /srv/docker/redmine/certs:/home/redmine/data/certs
- /srv/docker/redmine/redmine-logs:/var/log/redmine
- /srv/docker/redmine/plugins:/home/redmine/data/plugins
- /srv/docker/redmine/themes:/home/redmine/data/themes
jcormier commented
Please post the entire "docker-compose up" log
boujrafh commented
Attaching to docker-redmine_redmine_1, docker-redmine_postgresql_1
postgresql_1 | Initializing datadir...
postgresql_1 | Initializing certdir...
postgresql_1 | Initializing logdir...
postgresql_1 | Initializing rundir...
postgresql_1 | Setting resolv.conf ACLs...
postgresql_1 | Creating database user: redmine
postgresql_1 | Creating database: redmine_production...
postgresql_1 | ‣ Granting access to redmine user...
postgresql_1 | Starting PostgreSQL 9.6...
postgresql_1 | LOG: database system was shut down at 2022-02-14 19:12:43 UTC
postgresql_1 | LOG: MultiXact member wraparound protections are now enabled
postgresql_1 | LOG: database system is ready to accept connections
postgresql_1 | LOG: autovacuum launcher started
redmine_1 | Initializing logdir...
redmine_1 | Initializing datadir...
redmine_1 | Symlinking dotfiles...
redmine_1 | Installing configuration templates...
redmine_1 | Configuring redmine...
redmine_1 | Configuring redmine::database...
redmine_1 | Configuring redmine::unicorn...
redmine_1 | Configuring redmine::secret_token...
redmine_1 | Generating a session token...
redmine_1 | Note:
redmine_1 | All old sessions will become invalid.
redmine_1 | Please specify the REDMINE_SECRET_TOKEN parameter for persistence.
redmine_1 | **SHOULD** be defined if you have a load-balancing Redmine cluster.
redmine_1 | Configuring redmine::max_concurrent_ajax_uploads...
redmine_1 | Configuring redmine::sudo_mode...
redmine_1 | Configuring redmine::autologin_cookie...
redmine_1 | Configuring redmine::email_delivery...
redmine_1 | Configuring redmine::incoming_email...
redmine_1 | Configuring redmine::backups...
redmine_1 | Configuring redmine::backups::schedule...
redmine_1 | Configuring redmine::rmagic::font...
redmine_1 | Configuring nginx...
redmine_1 | Configuring nginx::redmine...
redmine_1 | Configuring nginx::redmine::ssl...
redmine_1 | Configuring nginx::redmine::hsts...
redmine_1 | Installing plugins...
redmine_1 | Installing themes...
redmine_1 | 2022-02-14 20:12:45,413 INFO Included extra file "/etc/supervisor/conf.d/cron.conf" during parsing
redmine_1 | 2022-02-14 20:12:45,414 INFO Included extra file "/etc/supervisor/conf.d/nginx.conf" during parsing
redmine_1 | 2022-02-14 20:12:45,414 INFO Included extra file "/etc/supervisor/conf.d/unicorn.conf" during parsing
redmine_1 | 2022-02-14 20:12:45,414 INFO Set uid to user 0 succeeded
redmine_1 | 2022-02-14 20:12:45,419 INFO RPC interface 'supervisor' initialized
redmine_1 | 2022-02-14 20:12:45,420 INFO supervisord started with pid 1
redmine_1 | 2022-02-14 20:12:46,423 INFO spawned: 'unicorn' with pid 315
redmine_1 | 2022-02-14 20:12:46,425 INFO spawned: 'cron' with pid 316
redmine_1 | 2022-02-14 20:12:46,426 INFO spawned: 'nginx' with pid 317
redmine_1 | 2022-02-14 20:12:48,117 INFO success: unicorn entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
redmine_1 | 2022-02-14 20:12:48,118 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
redmine_1 | 2022-02-14 20:12:48,119 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
boujrafh commented
i found my error.
it's the link between folder contain the certs and the folder contain on the docker