Follow

Today's adventure... SSL cert hell. Oh the joy's of Docker and proxies

@chris I have my reverse proxy—NGINX—live right on the host OS, and certbot too, and actual code and dependencies (mostly) inside containers. Each Docker service that requires outside access has its own ‘virtual host’ file and `server` block, and its own certificate. Works okay, so far.

@chris Thought of moving NGINX inside a container of its own, but felt that’d just needlessly complicate things. (That said, I’m a bit of a, uh, complete DevOps noob.)

@janboddez That makes sense. This adventure was for wpengine.com/devkit. We push all http/https traffic to mitmproxy. This broke npm due to the self-signed cert in mitmproxy. Took me forever to figure that one out.

Sign in to participate in the conversation
Chris Wiegman

mastodon.chriswiegman.com is one server in the network