nginx can't find /etc/letsencrypt/options-ssl-ngin.conf file
Solution 1
It seems you are missing /etc/letsencrypt/options-ssl-nginx.conf this file is the default configuration for all sites using a certbot installer. So this file normally gets created during the certificate installation (or issuing and installation) which mainly happens manually by someone whois configuring the system for the first time.
So you can either:
- Get the latest version of this file from its GitHub location at https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf and put it back where it should be
- OR change your
nginx.conffile and replace the line that gives the error (the line that includes that file) with the content of it you get from Github.
Solution 2
You can find /etc/letsencrypt/options-ssl-nginx.conf file like this on CentOs.
sudo yum install yum-utils
repoquery --list python2-certbot-nginx
Or like this for Ubuntu.
dpkg -L python2-certbot-nginx
and copy the file to /etc/letsencrypt dir.
sudo cp /usr/lib/python2.7/site-packages/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf /etc/letsencrypt/
If you want to use nginx and letsencrypt in Docker, read this tutorial
Related videos on Youtube
45 : 20
09 : 59
03 : 38
07 : 52
40 : 24
Matt Ellis
Updated on September 18, 2022Comments
-
Matt Ellis over 1 year
I'm trying to serve a python-django webapp using a linux box (running ubuntu 18.04) with nginx, gunincorn, letsencrypt and docker. After following a number of online tutorials I have been successful in serving the app via http through port 80 by following this tutorial http://pawamoy.github.io/2018/02/01/docker-compose-django-postgres-nginx.html.
However, I am now really struggling with deploying via https through port 443. I think maybe I am not understanding a fundamental docker concept. The error I get when running
sudo docker-compose upis below.NGINX ERROR:
nginx_1 | nginx: [emerg] open() "/etc/letsencrypt/options-ssl-nginx.conf" failed (2: No such file or directory) in /etc/nginx/conf.d/local_ssl.conf:28I believe this is because I have not linked the options-ssl-nginx.conf file in the docker-compose.yml file, maybe through a volume? I do not know if this is right though. The relevant parts of my docker-compose.yml file and nginx.conf files are below:
docker-compose.yml:
version: '3' services: # database containers database1: ... # web container djangoapp: ... # reverse proxy container (nginx) nginx: image: nginx:latest ports: - 80:80 - 443:443 volumes: - ./config/nginx/conf_ssl.d/:/etc/nginx/conf.d - static:/opt/services/djangoapp/static - media:/opt/services/djangoapp/media - ~/nginxlogs:/var/log/nginx - /etc/letsencrypt - /var/www/certbot /live/maps.critr.org.uk networks: - nginx_network depends_on: - djangoapp certbot: image: certbot/certbot restart: unless-stopped volumes: - /etc/letsencrypt - /var/www/certbot entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'" networks: ... volumes: ...nginx.conf:
upstream critr_server { server djangoapp:8000; } # divert all http traffic to https server { listen 80; server_name maps.critr.org.uk; return 301 https://maps.critr.org.uk; } server { listen 443 ssl; server_name maps.critr.org.uk; ssl_certificate /etc/letsencrypt/live/maps.critr.org.uk/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/maps.critr.org.uk/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; location /.well-known { root /opt/services/djangoapp/static/; } location /static/ { alias /opt/services/djangoapp/static/; } location /media/ { alias /opt/services/djangoapp/media/; } location / { proxy_pass https://critr_server; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_redirect off; } }I believe this is a problem with not understanding volumes in docker-compose? Though I've been trying to solve this for almost a week now and come up with nothing.