Comments (4)
Hi @PabloZaiden, I'm not sure if I understand your problem correctly. You have multiple servers, some containers on each of them, and you want to make load balancing and SSL termination using my image?
If yes, then you have to remember to deploy nginx-auto-ssl
only on one node, define properly upstream proxy (http://nginx.org/en/docs/http/ngx_http_upstream_module.html), do rest as described in the readme and you should be ready to go 👍
from docker-nginx-auto-ssl.
Thanks @Valian, I'm already doing that. The thing I was thinking is a better way to have high availability, considering that the node where the container handling the SSL termination could go down.
from docker-nginx-auto-ssl.
Sadly I'm not aware of any Open Source solution that would handle this case easily. When you are doing loadbalancing in front of nginx containers, there is no guarantee which one will answer to LE challenge, and it will most likely fail. Things that are coming to my mind:
- Terminate SSL on a loadbalancer level, but you probably will need to generate cert on your own somehow
- Use network volume for certificates, generate them using DNS challenges. But sadly it won't be as easy.
- If you are using Kubernetes, you may check this https://itnext.io/automated-tls-with-cert-manager-and-letsencrypt-for-kubernetes-7daaa5e0cae4
Personally, when HA is not required I'm using this image on just one node, otherwise, I'm baking certs into custom nginx image and I'm updating all of them using script every two months. Hope this will help you!
from docker-nginx-auto-ssl.
Thanks! I'm doing pretty much the same things. Was hoping someone already did something as out-of-the-box as this image, but with HA.
Thanks again!
from docker-nginx-auto-ssl.
Related Issues (20)
- how to use FastCGI HOT 4
- Include storage_adapter option HOT 2
- Brotli support? HOT 7
- Adding multiple domains? HOT 3
- How to config redis connection with password and tls/ssl HOT 1
- how to connect redis with docker-compose HOT 1
- Giving SSL to a standard wordpress installation HOT 4
- autorenew lets encrypt looks missing HOT 2
- Add fallback to a self-signed certificated HOT 1
- How to config backend and frontend with same domain HOT 2
- Is there an explanation of how this works somewhere? Blog post, etc ...? HOT 1
- server autossl.com not found HOT 3
- Facing issues with 301 Infinite redirects HOT 1
- 400 The plain HTTP request was sent to HTTPS port HOT 1
- 403 Error with Custom Port HOT 1
- ALLOWED_DOMAINS not implemented by default HOT 1
- Build for linux/arm64/v8 HOT 1
- ERR_CERT_AUTHORITY_INVALID HOT 5
- Enabling STS in docker-compose environment HOT 2
- Failing with curl returned with 3 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-nginx-auto-ssl.