Webinoly is just the perfect tool for NGINX experts. Give it a try!
0 votes
by Talented

I've setup a docker app in my server and I'm using webinoly to proxy it, which works fine and I can access the site with HTTP, but when I try to generate an SSL for it, I'm asked for the "-root-path" option, however, I'm not even sure where should I point this to because the app is started with a docker-compose file. My Docker app works at localhost:8080 but other than that, I'm confused about the -root-path option.

Yes yes, I've read the docs. I've tried "site site.com -ssl=on" and I get this:

site site.com -ssl=on

[ERROR] Seems like you are trying to request an SSL Certificate for a Parked/Mapped Domain.

Please, use the '-root=domain.com' parameter to specify the main domain.

If your site is using the Reverse Proxy configuration, please use the '-root-path=/opt/app' option.

I've tried using -root-path=/use/share/myapp which is where the docker files are, but it's still not working. Any help is appreciated.

Por cierto, muchas gracias por crear webinoly. Lo uso hace muchos años pero nunca he tenido que hacer algo como lo que intento hacer. Saludos!

1 Answer

+1 vote
by Expert
selected by
Best answer

I have never used Docker with Webinoly. But here are two suggestions:

  • The "-root-path" parameter should work. The path should be the root path of your site, for example if you save an image here: "/use/share/myapp/image.jpg" you should be able to see the image using "example.com/image.jpg". That's how it works! sudo site example.com -ssl=on -root-path=/use/share/myapp
  • Another option, you can always use the manual validation method described in the Webinoly documentation to get an SSL cert when a site for some reason is not accesible from the outside.


EDIT: Due to the docker virtual isolation the first option may NOT work. In fact, I think that it will be very hard to make Webinoly work with Docker. The most optimal solution should be having certbot and other tools inside the docker enviroment, and that's not possible with Webinoly. If you have any experience, please tell us...

by Talented

The first option didn't work at all because none of the Docker files are directly exposed to the Internet in any way. The documentation suggests using -manual=http however, this also won't work because of how Docker works.

The correct way to generate an SSL for a docker instance is running the following command:

site domain.com -ssl=on -manual=dns

Maybe you could add this to the docs for people that want to use Docker and generate an SSL?

Anyways, thanks for your help!

by Expert

Maybe you could add this to the docs for people that want to use Docker and generate an SSL?

I have never mentioned Docker in the Webinoly docs because they are not supposed to work together. A web server based on docker is an entirely different approach, you can see the EasyEngine V4 project, for instance.

by Talented
No, I don't want to use webinoly inside docker. What I'm doing is running WP, Laravel and a Docker app, so I need webinoly to handle these other sites AND the docker app in the same server. I don't think EasyEngine V4 won't allow me to do that since that's already based on Docker. I only wanted to use the proxy feature of webinoly to be able to run my Docker app, that's all. Anyways, it worked, thanks.
by Expert

You're welcome!

And yes, I understand.

Just for the record: SSL certs with manual validation are not renewed automatically. You should do it "manually" before they expired (90 days). That's why I mentioned EasyEngine.

Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

To report a bug, please create a new issue on GitHub or ask a question here with the bug tag.
Webinoly Support Paypal Donations

PayPal · GitHub Sponsors · Bitcoin

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.