this isn’t nginx support here, but you likely didnt configure your nginx correctly. Take a look at the default site-conf in our letsencrypt container and compare it to what you have in your nginx container. You can’t just blindly take partial configs from thing1 and expect it to work with thing2 without effort
it depends how LSIO is packaging configuration files with Docker, though.
I did some tests with a full-fledged NGINX server running on a VM and it was working fine.
I’m confused by what I’m supposed to be doing now.
I think I’m right when I believe that the linuxserver/reverse-proxy-confs are designed to work with letsencrypt, but I’m not really sure.
on this: should I be using letsencrypt instead of nginx?
I am currently experimenting with a virtual machine and I was under the impression that for letsencrypt to work you really have to have your public facing server with DNS (or dynamic DNS) records…
If you want to reverse proxy, i would use our reverse proxy which is linuxserver/letsencrypt
you are correct that the reverse-proxy-confs are for letsencyrpt. It says in the description of that repo These confs are pulled into our letsencrypt image: https://github.com/linuxserver/docker-letsencrypt
can you make the confs work in vanilla nginx? of course, just needs some changed to the default site config.
am I able to test the configuration with letsencrypt from within a VM?
I don’t have a DNS record right now.
I thought that since letsencrypt is basically nginx with the addition of certbot and fail2ban, the configs would have been similar if not identical. my mistake, then?
the nginx container is vanilla nginx; the letsencrypt container is built as a reverse proxy.
you will need to get a domain, duckdns can give you something like piramiday.duckdns.org so you can test. You can also do as i suggested and compare the default site config between our reverse proxy and the nginx container and make it work without the certbot component.
sorry to reiterate, my question was: can I go through the letsencrypt process without a DNS record?
I don’t understand if I can, and then whatever process of connection between the host (the VM) and the external domain (whether proper or dynamic) will just fail, or if I cannot in that the container will crash and burn.
do you have some docs to link regarding the differences between the default configurations of nginx and letsencrypt, and I mean the LSIO-specific configurations that go on in letsencrypt?
thanks!
okay, so it’s really a “strong” need. got it, thanks for clarifying.
I think I’m heading in the right direction, because I’ve been playing around and some things seem to be working, while some don’t.
do you have an idea of what should be changed from those “subdirs” config setups? I mean, to accomodate it from letsencrypt to a vanilla nginx?
thanks for the help.
I have been successful in exploiting several containers in a docker-compose stacked on top of linuxserver/docker-letsencrypt.
I have used DuckDNS on a non-default port, and it works great!
I had to, of course, open the port in the firewall on my host and port forward the port from the host to the guest in VirtualBox.
now my guest is running docker with the LSIO stack.
so I guess the simplest solution is indeed to use letsencrypt rather than nginx! a server is not needed – just an open port, like the dynamic forwarding that most VPN providers offer.