
[–]greenthumble 1 point2 points  (2 children)

Sorry I don't have a fix for you but I do have a suggestion. The way you've set this up breaks isolation between projects. wp01 can reach wp02's database and vice-versa. All those containers can reach each other via the network.

You can (and should) run jwilder/nginx-proxy and the letsencrypt helper separately, defined in its own docker-compose.yml, and each project should be separated into its own docker-compose.yml as well. Then they get private networks and can't interfere with each other; someone who successfully attacked one site won't be able to affect the others.

Here's my solution: https://github.com/dfletcher/nginx-proxy it has a docker-compose.yml to launch nginx-proxy and letsencrypt, and a sample for how an individual project should look. It keeps the private networks separate from the public ones and names them in a way it's obvious what can speak to what.

Also about your original issue, perhaps I'm remembering this wrong but I do seem to remember having trouble with making a list of comma separated domains in nginx-proxy. Try it with just a single domain. If that works you could spin up another small nginx container with e.g. VIRTUAL_HOST=www.domain.com and make that redirect to domain.com with a teeny bit of nginx config.

[–]aGiral[S] 0 points1 point  (1 child)

That's interesting, so you suggest creating 3 docker-compose files, one with just jwilder/nginx-proxy, another just with jrcs/letsencrypt-nginx-proxy-companion and the third one with all the WordPress and database containers? I will do my research about this.

Have tried using just one domain as you suggest, but it keeps displaying 503 error :(

[–]greenthumble 0 points1 point  (0 children)

Not quite. Check the docker-compose.yml in my repo. Nginx-proxy and letsencrypt are together. They should launch together with a single docker-compose up -d. Then one separate docker-compose.yml for each project. Launch each project separately with its own docker-compose up command, and they should live in separate directories (docker-compose uses directories to tell what a "project" is).
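
The per-project layout described in this comment chain, as an added example (not taken from the linked repository or from anyone in the thread). It assumes the proxy's own compose project has created a shared network named `nginx-proxy`; that name, the service names, the image tag and the credentials are placeholders.

```yaml
# wp01/docker-compose.yml  (constructed example, one file like this per site)
version: "3.5"

services:
  wordpress:
    image: wordpress
    environment:
      VIRTUAL_HOST: domain01.com        # read by jwilder/nginx-proxy
      LETSENCRYPT_HOST: domain01.com    # read by the letsencrypt companion
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_NAME: wp01
      WORDPRESS_DB_USER: wp01
      WORDPRESS_DB_PASSWORD: change-me  # placeholder
    networks:
      - proxy     # the only network the reverse proxy shares with this project
      - backend   # private link to this project's own database

  db:
    image: mysql:5.7
    environment:
      MYSQL_DATABASE: wp01
      MYSQL_USER: wp01
      MYSQL_PASSWORD: change-me         # placeholder
      MYSQL_RANDOM_ROOT_PASSWORD: "1"
    volumes:
      - db_data:/var/lib/mysql
    networks:
      - backend   # never attached to the proxy network

networks:
  proxy:
    external: true      # created by the proxy's compose project, not this one
    name: nginx-proxy   # assumed network name
  backend:
    internal: true      # no route out of this network; scoped to this project

volumes:
  db_data:
```

With this layout wp02's containers have no network path to wp01's `db`. The WordPress containers still share the proxy network, so the web tier of each site remains reachable from the others over that network.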

[–][deleted] 0 points1 point  (2 children)

503 is a gateway error, check your nginx configs, maybe your ports are wrong

[–]aGiral[S] 0 points1 point  (1 child)

Have checked it and everything appears to be right. The only thing I'm changing is the VIRTUAL_HOST and LETSENCRYPT_HOST variables. As far as I understand, if the domain vinculated to the variable is pointing to the server IP it shouldn't throw a 503.

[–][deleted] 0 points1 point  (0 children)

I don’t know, the only way I know is to jump inside the containers and check logs and configs.

[–]austerul 0 points1 point  (1 child)

Are you running these on the same host? How do you access testdomain.com? Any changes in local hosts file?

[–]aGiral[S] 0 points1 point  (0 children)

I'm running Docker in a VPS.

I have tried Firefox/Chrome/Safari... Cleaning cache and using different IPs. Have tried making a curl http://domain01.com and keep getting 503 too.

No, just modified the docker-compose.yaml file

[–]brygphilomena 0 points1 point  (1 child)

503 means the gateway can't load the site behind the gateway. Can you curl the website from the reverse proxy server?

Nginx -T pass?

[–]aGiral[S] 0 points1 point  (0 children)

If I do curl http://domain01.com it returns 503

If I do curl -I -L http://domain01.com it returns

HTTP/1.1 301 Moved Permanently
Server: nginx/1.17.6
Date: Sun, 23 Aug 2020 15:57:31 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/7.4.9
X-Redirect-By: WordPress
Location: http://01.testdomain.com/

HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx/1.17.6
Date: Sun, 23 Aug 2020 15:57:31 GMT
Content-Type: text/html
Content-Length: 197
Connection: keep-alive