Hi. I am trying to deploy an API to production with Django, docker-compose, nginx and certbot for Let's Encrypt. I am trying to write a configuration file that makes it run properly, but each time it fails the ACME challenge, and I don't know how to fix it or whether the problem is in my configuration or in certbot.
Here is the configuration file:
# HTTPS virtual host for the API: terminates TLS with the Let's Encrypt
# certificate and reverse-proxies everything else to the Django container.
server {
    # NOTE(review): this block listens on 8001 *inside* the container, but the
    # compose file on this page publishes host 8000 -> container 80 and
    # host 8001 -> container 443. Nothing here listens on container port 443,
    # so the published ports may never reach this server block -- confirm.
    listen 8001 ssl;
    server_name api.my-table.it www.api.my-table.it localhost 127.0.0.1;

    # Certificate and key are read from the Let's Encrypt "live" directory.
    # NOTE(review): the paths name only api.my-table.it; whether the
    # certificate also covers www.api.my-table.it is not visible here.
    ssl_certificate     /etc/letsencrypt/live/api.my-table.it/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/api.my-table.it/privkey.pem;

    charset utf-8;

    # NOTE(review): 600 s timeouts and a 512M body limit are generous for a
    # public endpoint and widen the room for resource exhaustion; confirm the
    # API really needs them, or scope them to the upload location only.
    proxy_connect_timeout 600;
    proxy_send_timeout    600;
    proxy_read_timeout    600;
    send_timeout          600;

    # max upload size
    client_max_body_size 512M;

    # ACME HTTP-01 challenge files, served from a directory on disk.
    # NOTE(review): the CA always starts HTTP-01 validation on public port 80
    # and only follows redirects to 80/443. This location exists only on the
    # TLS listener above, and the 404 in the log below came from an https://
    # URL, so the request was probably answered elsewhere or the token file
    # was not under this alias. Confirm that port 80 of the public address
    # reaches the container, and that certbot writes to /var/www/acme-challenge/.
    # The compose file mounts no volume at that path.
    location ^~ /.well-known/acme-challenge/ {
        alias /var/www/acme-challenge/;
    }

    # Everything else goes to gunicorn in the my_table service.
    # NOTE(review): X-Forwarded-Proto is not forwarded; if Django is meant to
    # know the original request was HTTPS, that header would be needed.
    location / {
        proxy_pass http://my_table:5000;
        proxy_set_header Host            $host;
        proxy_set_header X-Real-IP       $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
Each time I run the whole stack, I get the following output:
Challenge failed for domain api.my-table.it
nginx_1 | http-01 challenge for api.my-table.it
IMPORTANT NOTES:
nginx_1 | - The following errors were reported by the server:
nginx_1 |
nginx_1 | Domain: api.my-table.it
nginx_1 | Type: unauthorized
nginx_1 | Detail: 64.226.76.162: Invalid response from
nginx_1 | https://api.my-table.it/.well-known/acme-challenge/TazGzeu6KQZrEMK6YF1Pqkyqx52-gHC2SqX-twqgEig:
nginx_1 | 404
nginx_1 |
nginx_1 | To fix these errors, please make sure that your domain name was
nginx_1 | entered correctly and the DNS A/AAAA record(s) for that domain
nginx_1 | contain(s) the right IP address.
nginx_1 | + error 'Cerbot failed for . Check the logs for details.'
Am I doing something wrong in the conf file? In case you also need them, the docker-compose file and the Dockerfile follow:
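# Compose stack: Postgres, Redis, the Django API (gunicorn), a Celery worker,
# and an nginx + certbot front end.
version: "3.9"
services:
  db:
    container_name: my_table_postgres
    # NOTE(review): no tag is given, so this follows whatever `postgres`
    # currently points at; pin a version for reproducible deployments.
    image: postgres
    # NOTE(review): a bare container port is published on an ephemeral host
    # port. Services in this file reach the database as db:5432 over the
    # compose network, so publishing is only needed for access from the host.
    ports:
      - "5432/tcp"
    volumes:
      - my_table_postgres_db:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB=my_table_postgres
      - POSTGRES_USER=dev
      # The password is taken from the environment (or an untracked .env file)
      # rather than written into this file; compose aborts if it is unset.
      # A password that has appeared in a shared copy of this file should be
      # rotated.
      - "POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}"

  redis:
    container_name: redis
    image: redis
    # NOTE(review): Redis listens on 6379 by default; 6739 looks like a
    # transposition, in which case this mapping exposes nothing -- confirm.
    # Other services reach Redis over the compose network regardless.
    ports:
      - "6739:6739/tcp"
    environment:
      - REDIS_HOST=redis-oauth-user-service
    volumes:
      - redis_data:/var/lib/redis/data/

  my_table:
    container_name: my_table
    build: .
    command: ["python", "-m", "gunicorn", "--bind", "0.0.0.0:5000", "-c", "gunicorn.conf.py", "mytable.wsgi"]
    # NOTE(review): bind-mounting the project directory over /api makes the
    # running code whatever is on the host at that moment; typical for
    # development, worth reconsidering for production.
    volumes:
      - .:/api
    # NOTE(review): publishing 5000 exposes gunicorn directly on the host,
    # bypassing nginx and TLS. nginx reaches it as my_table:5000 without this.
    ports:
      - "5000:5000"
    depends_on:
      - db
      - redis

  celery:
    image: celery
    container_name: celery
    restart: unless-stopped
    build:
      context: .
      dockerfile: Dockerfile
    command: ['python', '-m', 'celery', '-A', 'mytable', 'worker', '-l', 'INFO']
    volumes:
      - .:/api
    depends_on:
      - redis
      - my_table
    links:
      - redis

  nginx:
    restart: always
    build: ./nginx/
    environment:
      - CERTBOT_EMAIL=mpossamaim@gmail.com
    # NOTE(review): container ports 80/443 are published on host 8000/8001.
    # ACME HTTP-01 validation starts on public port 80, so unless something in
    # front of this host forwards 80 -> 8000 and 443 -> 8001, the CA's request
    # is answered by whatever else owns port 80 on that address.
    ports:
      - "8000:80"
      - "8001:443"
    # Certificates persist across container rebuilds in a named volume.
    volumes:
      - www-certs:/etc/letsencrypt

volumes:
  my_table_postgres_db:
  redis_data:
  www-certs: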
Dockerfile:
# Image for the nginx service (the compose file builds it from ./nginx/).
# NOTE(review): `latest` is a mutable tag, so each rebuild may pull different
# nginx/certbot code; pinning a specific version tag or image digest keeps the
# build reproducible and reviewable.
FROM staticfloat/nginx-certbot:latest
# Remove whatever is already present in the user configuration directory.
RUN rm -rf /etc/nginx/user.conf.d/*
# Install the project's own server blocks from conf.d/ in the build context.
COPY conf.d/ /etc/nginx/user.conf.d/
Please help me.