
docker-testca's Introduction

testca

This is a ready-to-go step-ca docker image, for use in development and CI testing of nginx-proxy-manager.

Usage:

docker-compose.yml:

version: "3"
services:
  testca:
    image: jc21/testca
    networks:
      default:
        aliases:
          - ca.internal

You'll need to grab the root CA certificate from this project (step/certs/root_ca.crt) and bootstrap it (install it) in your system's trust store before your system will trust this CA.

You can also install this as part of a Dockerfile:

FROM jc21/testca as testca
FROM alpine

COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/NginxProxyManager.crt

If you are using the step client:

step ca bootstrap --ca-url https://ca.internal \
  --fingerprint 324f766f1bbfe9bb292d7185267ab46ef8b8efa9b2799853997bfcc3f18b446f

Then use the following ACME URL:

https://ca.internal/acme/nginxproxymanager/directory

docker-testca's Issues

Container status is unhealthy running alongside Nginx Proxy Manager

I have been using Nginx Proxy Manager for months and it's been working great (along with about 20 other Docker containers). I wanted to set up step-ca to provide SSL certs to my internal hosts. I can't figure this out, so I'm sure that I must be using this container incorrectly, because it shows up as Unhealthy status. It's trying to use port 443 which conflicts with NPM. I have this all set up in docker compose like this.

    nginx-proxy-manager:
        hostname: nginx-proxy-manager
        container_name: nginx-proxy-manager
        ports:
            # Public HTTP Port:
            - '80:80'
            # Public HTTPS Port:
            - '443:443'
            # Admin Web Port:
            - '1881:81'
        environment:
            # These are the settings to access your db
            DB_MYSQL_HOST: "db"
            DB_MYSQL_PORT: 3306
            DB_MYSQL_USER: "npm"
            DB_MYSQL_PASSWORD: "npm"
            DB_MYSQL_NAME: "npm"
            DISABLE_IPV6: 'true'
        volumes:
            - /docker/containers/nginx-proxy-manager/data:/data
            - /docker/containers/nginx-proxy-manager/letsencrypt:/etc/letsencrypt
        depends_on:
            - db
        restart: unless-stopped
        image: 'jc21/nginx-proxy-manager:latest'

    db:
        hostname: db
        container_name: db
        environment:
            MYSQL_ROOT_PASSWORD: 'npm'
            MYSQL_DATABASE: 'npm'
            MYSQL_USER: 'npm'
            MYSQL_PASSWORD: 'npm'
        volumes:
            - /docker/containers/nginx-proxy-manager/data/mysql:/var/lib/mysql
        image: 'jc21/mariadb-aria:latest'
        restart: unless-stopped
    stepca:
        container_name: step-ca
        networks:
          default:
            aliases:
              - ca.lab
        image: nginxproxymanager/testca

I have created an internal DNS entry that resolves properly to ca.lab. Here's what the log shows. I don't see

docker logs -f step-ca
badger 2022/03/18 00:10:44 INFO: All 0 tables opened in 0s
2022/03/18 00:10:44 Serving HTTPS on :443 ...

I'm also unclear, even if the port conflict is resolved, exactly how to use this alongside NPM. There is no /home/step directory being created on the host either, although I can see them in the running container.

root@frontend:~# docker exec -it step-ca /bin/bash
bash-5.1$ cd certs/
bash-5.1$ ls
intermediate_ca.crt  root_ca.crt

I guess I'm not exactly sure how I'm supposed to use this to generate certs for my other internal Docker containers. Any help is greatly appreciated. Thanks!
