CODEWITHSUNDEEP
dockernginxdocker-composedocker-volume
atom Jung
atom Jung

Reputation: 127

build with volumes in the docker-compose.yml

I want to run multiple web application images with NGINX.

So I wrote docker-compose.yml which build nginx image and run nodejs containers.

I have SSL Certificate issued by letsencrypt.

The certificate files is located in /etc/letsencrypt/live/mydomain.com/

I want NGINX container to read the files.

So, I appended volumes: - /etc/letsencrypt/live/mydomain.com/:/etc/cert:ro to docker-compose.yml.

But nginx.conf cannot read the files.

I found that the directory /etc/cert doesn't exist and it's mounted as bind type.

I want to know how to set volumes in the docker-compose.yml file to read inside of containers.

docker-compose.yml

version: '2.0'

services:  
  nginx:
    container_name: manager
    build: ./nginx
    links:
      - app-1:app-1
      ...
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/letsencrypt/live/mydomain.com/:/etc/cert:ro
    depends_on:
      - app-1
      ...

  app-1:
    container_name: audio-1
    image: audio:test
    ports:
      - 80

  ...

nginx.conf

worker_processes 4;

events { worker_connections 1024; }

http {  
  upstream node-app {
    least_conn;
    server app-1:80 weight=10 max_fails=3 fail_timeout=60s;
    ...
  }

  server {
    listen 80;
    return 301 https://$host$request_uri;
  }

  server {
    listen 443 ssl;
    ssl_certificate /etc/cert/fullchain.pem;
    ssl_certificate_key /etc/cert/privkey.pem;
    location / {
      proxy_pass http://node-app;
      ...
    }
  }
}

error

nginx: [emerg] BIO_new_file("/etc/cert/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/cert/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

$docker inspect manager

...
"Mounts": [
  {
    "Type": "bind",
    "Source": "/etc/letsencrypt/live/luvber.kr",
    "Destination": "/etc/cert",
    "Mode": "ro",
    "RW": false,
    "Propagation": "rprivate"
   }
 ],
...

Thanks

Upvotes: 6

Views: 12975

Answers (1)

Abdullah Shah
Abdullah Shah

Reputation: 780

The problem is that the volume would be mounted after the build operations is completed. That is why this approach won't work for you.

What you will need to do is copy those resources inside container in a dockerfile.

Assuming you don't have a dockerfile defined. You can create your on making nginx your base image.

Which would look somewhat like....

From nginx:latest

COPY from/host/dir to/container/container/dir

Something similar but in different context they are explaining here

Cheers!

Upvotes: 8

Related Questions