jippi/docker-pixelfed

Documentation for use your own SSL certs conflicts with docs from nginx-proxy

Open

#131 opened on 2025年1月31日

GitHub で見る
 (3 comments) (0 reactions) (0 assignees)Shell (6 forks)github user discovery
documentationhelp wanted

Repository metrics

Stars
 (48 stars)
PR merge metrics
 (PR metrics pending)

説明

https://jippi.github.io/docker-pixelfed/customize/faq/#how-do-i-use-my-own-ssl-certificate says to name them ${APP_DOMAIN}.cert.pem and ${APP_DOMAIN}.key.pem plus some chain files. However, the docs for nginx-proxy say:

The contents of /path/to/certs should contain the certificates and private keys for any virtual hosts in use. The certificate and keys should be named after the virtual host with a .crt and .key extension. For example, a container with VIRTUAL_HOST=foo.bar.com should have a foo.bar.com.crt and foo.bar.com.key file in the certs directory.

I'm trying to use this for local development with a self-signed certificate. I had ERR_SSL_UNRECOGNIZED_NAME_ALERT with no option to accept the certificate anyway when I followed this project's docs. After switching my filenames to localhost.crt and localhost.key and ignoring the chain ones, the browser started receiving a certificate and just complaining about it being self-signed, giving me an option to bypass that.

I thought about sending a patch to change the docs, but I don't know how the LetsEncrypt part interacts and didn't want to break the docs related to those.

Relatedly, the healthchecks on this project fail if the certificate is self-signed. I had to add -k to the curl commands.

コントリビューターガイド