Comments (5)
Nico640
commented on August 16, 2024
Hi,
You can set the environment variables SSL_CERT and SSL_CERT_KEY to let UNMS handle your custom certs. So for example, SSL_CERT = FQDN.crt, SSL_CERT_KEY = FQDN.key. Your FQDN.crt and FQDN.key currently have to be in the /usercert/ directory, which you probably have to create. This isn't really convenient at the moment, because /usercert/ will reset when you update the container. I'll probably change this in the next build so that it uses /config/cert/ as the custom cert directory.
from docker-unms.
JiriPodhorny
commented on August 16, 2024
Hallo,
thank you very much, it's working now 👍
Just for summary:
- created folder usercert under volumes/unms
- certificates copied to both folders (volumes/unms/cert and /volumes/unms/usercert)
- docker-compose.yml modified - SSL_CERT=FQDN.crt and SSL_CERT_KEY=FQDN.key added to environment section
Best Regards,
Jiri
from docker-unms.
JiriPodhorny
commented on August 16, 2024
Complete description, how I get it work:
contents of docker-compose.yml
version: '2'
services:
unms:
image: nico640/docker-unms:armhf
restart: always
ports:
- 80:80
- 443:443
- 2055:2055/udp
volumes:
- ./volumes/unms:/config
environment:
- TZ=Europe/Prague
- PUBLIC_HTTPS_PORT=443
- PUBLIC_WS_PORT=443
- SSL_CERT=raspi.crt
- SSL_CERT_KEY=raspi.key
files in ~/unms/volumes/unms/cert
drwxr-xr-x 2 pi pi 4096 říj 27 11:57 .
drwxr-xr-x 8 911 911 4096 říj 21 08:59 ..
lrwxrwxrwx 1 pi pi 12 říj 20 20:01 cert -> /config/cert
-rw-r--r-- 1 pi pi 1505 říj 26 22:34 custom.crt
-rw------- 1 pi pi 1704 říj 26 22:34 custom.key
lrwxrwxrwx 1 root root 12 říj 27 11:57 live.crt -> ./custom.crt
lrwxrwxrwx 1 root root 12 říj 27 11:57 live.key -> ./custom.key
files in ~/unms/volumes/unms/usercert
drwxr-xr-x 2 pi root 4096 říj 27 11:34 .
drwxr-xr-x 8 911 911 4096 říj 21 08:59 ..
-rw-r--r-- 1 pi pi 1505 říj 27 11:34 raspi.crt
-rw-r--r-- 1 pi pi 1704 říj 27 11:34 raspi.key
lrwxrwxrwx 1 root root 16 říj 26 17:18 usercert -> /config/usercert
Files custom.crt/.key in /cert are copy of raspi.crt/.key, they are used during start of UNMS
After start (docker-compose up -d) UNMS tries find certificates in /usercert
This folder is not available, so it keeps using certificate in /cert
You will get following info:
In Dashboard-Notifications:
SSL certificate renewal failed.
Please check Settings/UNMS and the nginx.*.log file for error messages.
On Settings-UNMS-SSL Certificate page
Last refresh of SSL certificate had failed.
Timestamp: Today at 11:42
Error: /bin/cat: /usercert/raspi.key: No such file or directory
Failed to create temp key from '/usercert/raspi.key'.
Keeping existing certificate for '[email protected]'.
Most important is, that it keeps using custom certificate and not generate self-signed stuff.
UNMS is then trying refresh certificate everyday (in my case at 5:00 AM) with repeating error notifications.
To get of rid these errors I did following:
docker-compose exec unms bash
cd /
ln -s /config/usercert /usercert
exit
Then in UMNS on Settings-UNMS-SSL Certificate press button 'Refresh Certificate'.
Since then everything works OK.
If you can add symbolic link /usercert -> /config/usercert in next revision, it will be perfect.
Best Regards
Jiri
from docker-unms.
Nico640
commented on August 16, 2024
Link added in latest build (1.0.8)
from docker-unms.
JiriPodhorny
commented on August 16, 2024
Just updated to 1.0.8 and it works as expected. Thank you.
from docker-unms.
Related Issues (20)
- Open Ports for Postgresql HOT 1
- Core (sigsegv) on startup with QNAP and 2.3 series HOT 4
- Issue with upgrading older version of UISP (1.6.5 --> 2.3.57) HOT 5
- Update Docker Image for UISP 2.4.93 HOT 2
- Unable to do fresh install of 2.4.93 HOT 1
- Running with reverse proxy HOT 2
- clean install but infinite loop HOT 2
- s6-overlay-suexec: fatal: can only run as pid 1 on Container start. HOT 2
- How to get UNMS (UISP) to take a lets encrypt (or converted) .key/.crt using docker-compose, no Wiki info. HOT 8
- Changing ports doesn't seem to be working HOT 1
- UISP never starts. Container restarts HOT 2
- Update to 2.2.12 HOT 2
- Suggestion:
- Limit memory usage of container
- Connection refused while connecting to upstream, client HOT 2
- UISP container starts only after recreation, but than not and have to recreate container every time HOT 2
- Docker Compose Version HOT 1
- RabbitMQ not start HOT 13
- 1.3.11 no longer responding to requests. HOT 10
- Can't start on A1 Oracle instances because of outdated Node.js version HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-unms.