jippi/docker-pixelfed

Documentation for use your own SSL certs conflicts with docs from nginx-proxy

Open

#131 aberto em 31 de jan. de 2025

Ver no GitHub
 (3 comments) (0 reactions) (0 assignees)Shell (6 forks)github user discovery
documentationhelp wanted

Métricas do repositório

Stars
 (48 stars)
Métricas de merge de PR
 (Métricas PR pendentes)

Description

https://jippi.github.io/docker-pixelfed/customize/faq/#how-do-i-use-my-own-ssl-certificate says to name them ${APP_DOMAIN}.cert.pem and ${APP_DOMAIN}.key.pem plus some chain files. However, the docs for nginx-proxy say:

The contents of /path/to/certs should contain the certificates and private keys for any virtual hosts in use. The certificate and keys should be named after the virtual host with a .crt and .key extension. For example, a container with VIRTUAL_HOST=foo.bar.com should have a foo.bar.com.crt and foo.bar.com.key file in the certs directory.

I'm trying to use this for local development with a self-signed certificate. I had ERR_SSL_UNRECOGNIZED_NAME_ALERT with no option to accept the certificate anyway when I followed this project's docs. After switching my filenames to localhost.crt and localhost.key and ignoring the chain ones, the browser started receiving a certificate and just complaining about it being self-signed, giving me an option to bypass that.

I thought about sending a patch to change the docs, but I don't know how the LetsEncrypt part interacts and didn't want to break the docs related to those.

Relatedly, the healthchecks on this project fail if the certificate is self-signed. I had to add -k to the curl commands.

Guia do colaborador