Simple question

I am experimenting with LXD 3.0 containers in my host Ubuntu 18.04 server. I have HAproxy running in one LXD container. And I have my main app running in nodejs in another LXD container.

My confusion is where and how do I install Letsencrypt cert to secure (SSL) the nodejs app? Is the cert only installed in the host? In HAproxy? In the nodejs? Or all three?

BTW, I access the nodejs by browsing to a subdomain (ex: nodejs.mydomain.com) HAproxy directs to the nodejs app container running on a specific port 9001.

Your comment appreciated.

If all traffic is directed to your HAProxy container first, then distributed to other containers, it’s probably best to request and install a certificate inside your HAProxy instance.
But you can also make sure other containers will be able to read the file by sharing the software directory with other containers (and your host machine). (For example, if you are using certbot, you can share /etc/letsencrypt directory from your machine to all containers so every container will have access to certificates)

Thanks Steven. And yes, I am port forwarding ports 80/443 on my host server to the HAproxy container.

I am not sure if/why I would need to share with other containers? How would I do that?

Ray

It's just in case😂

Try this: Exposing a directory on the host machine to an LXC container #blog · GitHub (source from web, backup before proceed)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.