Buen dia peladonerd, queria consultarte por Poste.io. Estoy tratando de levantarlo en mi servidor casero con un docker-compose.yml pero me salen errores como los de la image (a pesar de que en mi router tengo abierto el puerto 25)
Lo que si, en los puertos del nginx-proxy uso el 8000 y 8443 (tambien abiertos en el router y apuntando al servidor casero). Como se aprecia, uso dominios de duckdns.
Adjunto el docker-compose.yml. Dos cuestiones adicionales: la primera, con la variable HTTPS=ON, no me dejaba acceder ni por el puerto 8000 ni el 8443 al server, asi que la dejaba en OFF para probar; la segunda, solo podia acceder desde el puerto 8000 (que apunta al 80 del docker del nginx), es decir, tenia que acceder desde http://mail-testing.duckdns.org:8000
.
version: '3.0'
services:
duckdns:
image: linuxserver/duckdns
container_name: duckdns
environment:
- TZ=America/Argentina/Jujuy
- SUBDOMAINS=public-repository,testing-jairo,mail-testing
- TOKEN=2829705a-7c0b-4fc9-bd33-bba676204e4a
- LOG_FILE=false #optional
nginx-proxy:
image: jwilder/nginx-proxy
container_name: nginx-proxy
ports:
- "8000:80"
- "8443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- mailserver:/usr/share/nginx/html/.well-known
labels:
- com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt
restart: always
environment:
- NGINX_PROXY_CONTAINER=nginx-proxy
volumes:
- certs:/etc/nginx/certs:rw
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- mailserver:/usr/share/nginx/html/.well-known
- /var/run/docker.sock:/var/run/docker.sock:ro
web:
image: nginx
restart: always
volumes:
- ./www:/usr/share/nginx/html
expose:
- 80
environment:
- VIRTUAL_HOST=public-repository.duckdns.org
- LETSENCRYPT_HOST=public-repository.duckdns.org
- [email protected]
mongo-express:
image: mongo-express
container_name: mongo-express
expose:
- 8081
environment:
- ME_CONFIG_BASICAUTH_USERNAME=jairo
- ME_CONFIG_BASICAUTH_PASSWORD=MongoExpress2019!
- ME_CONFIG_MONGODB_PORT=27017
- ME_CONFIG_MONGODB_ADMINUSERNAME=root
- ME_CONFIG_MONGODB_ADMINPASSWORD=MongoDB2019!
- VIRTUAL_HOST=testing-jairo.duckdns.org
- LETSENCRYPT_HOST=testing-jairo.duckdns.org
- [email protected]
links:
- mongo
mongo:
image: mongo
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: MongoDB2019!
ports:
- "27017:27017"
volumes:
- ./database/db:/data/db
mailserver:
image: analogic/poste.io
container_name: mailserver
restart: always
expose:
- 80
ports:
- "25:25"
- "110:110"
- "143:143"
- "587:587"
- "993:993"
- "995:995"
- "4190:4190"
environment:
- VIRTUAL_HOST=mail-testing.duckdns.org
- LETSENCRYPT_HOST=mail-testing.duckdns.org
- [email protected]
- HTTPS=OFF
volumes:
- /etc/localtime:/etc/localtime:ro
- data:/data
- mailserver:/opt/www/.well-known
volumes:
certs:
html:
vhostd:
data:
mailserver:
También adjunto los logs del nginx-proxy y letsencrypt
Attaching to nginx-proxy
nginx-proxy | WARNING: /etc/nginx/dhparam/dhparam.pem was not found. A pre-generated dhparam.pem will be used for now while a new one
nginx-proxy | is being generated in the background. Once the new dhparam.pem is in place, nginx will be reloaded.
nginx-proxy | forego | starting dockergen.1 on port 5000
nginx-proxy | forego | starting nginx.1 on port 5100
nginx-proxy | dockergen.1 | 2020/02/08 23:27:25 Generated '/etc/nginx/conf.d/default.conf' from 10 containers
nginx-proxy | dockergen.1 | 2020/02/08 23:27:25 Running 'nginx -s reload'
nginx-proxy | dockergen.1 | 2020/02/08 23:27:25 Watching docker events
nginx-proxy | dockergen.1 | 2020/02/08 23:27:28 Generated '/etc/nginx/conf.d/default.conf' from 11 containers
nginx-proxy | dockergen.1 | 2020/02/08 23:27:28 Running 'nginx -s reload'
nginx-proxy | dockergen.1 | 2020/02/08 23:27:28 Received event start for container 8d9f21c858db
nginx-proxy | dockergen.1 | 2020/02/08 23:27:28 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
nginx-proxy | 2020/02/08 23:28:16 [notice] 111#111: signal process started
nginx-proxy | Generating DH parameters, 2048 bit long safe prime, generator 2
nginx-proxy | This is going to take a long time
nginx-proxy | dhparam generation complete, reloading nginx
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:41 +0000] "GET / HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:41 +0000] "GET /admin/install/server HTTP/1.1" 200 2387 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:53 +0000] "GET /admin/install/test?target=110&hostname=mail-testing.duckdns.org HTTP/1.1" 200 80 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:55 +0000] "GET /admin/install/test?target=587&hostname=mail-testing.duckdns.org HTTP/1.1" 200 88 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:55 +0000] "GET /admin/install/test?target=143&hostname=mail-testing.duckdns.org HTTP/1.1" 200 165 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:57 +0000] "GET /admin/install/test?target=995&hostname=mail-testing.duckdns.org HTTP/1.1" 200 80 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:57 +0000] "GET /admin/install/test?target=993&hostname=mail-testing.duckdns.org HTTP/1.1" 200 161 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:58 +0000] "GET /admin/install/test?target=4190&hostname=mail-testing.duckdns.org HTTP/1.1" 200 100 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:58 +0000] "GET /admin/install/test?target=outbound&hostname=mail-testing.duckdns.org HTTP/1.1" 200 106 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:03 +0000] "GET /admin/install/test?target=25&hostname=mail-testing.duckdns.org HTTP/1.1" 200 89 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:04 +0000] "GET /admin/install/test?target=ip6&hostname=mail-testing.duckdns.org HTTP/1.1" 200 80 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:09 +0000] "GET /admin/install/test?target=ip4&hostname=mail-testing.duckdns.org HTTP/1.1" 200 77 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:50 +0000] "GET /admin/install/test?target=80&hostname=mail-testing.duckdns.org HTTP/1.1" 504 160 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:50 +0000] "GET /admin/install/test?target=443&hostname=mail-testing.duckdns.org HTTP/1.1" 504 167 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy | nginx.1 | 2020/02/08 23:32:50 [error] 113#113: *9 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 190.110.242.179, server: mail-testing.duckdns.org, request: "GET /admin/install/test?target=443&hostname=mail-testing.duckdns.org HTTP/1.1", upstream: "http://192.168.80.4:80/admin/install/test?target=443&hostname=mail-testing.duckdns.org", host: "mail-testing.duckdns.org:8000", referrer: "http://mail-testing.duckdns.org:8000/admin/install/server"
nginx-proxy | nginx.1 | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:54 +0000] "GET /admin/install/test?target=result-le&hostname=mail-testing.duckdns.org HTTP/1.1" 504 160 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
Attaching to letsencrypt
letsencrypt | Info: Custom Diffie-Hellman group found, generation skipped.
letsencrypt | Reloading nginx proxy (446f18aab3e729c92c57a6653fa45e1ff81543c33e6f142270aaed745e0d6204)...
letsencrypt | 2020/02/08 23:27:28 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt | 2020/02/08 23:27:28 [notice] 73#73: signal process started
letsencrypt | Sleep for 3600s
letsencrypt | 2020/02/08 23:27:28 Generated '/app/letsencrypt_service_data' from 11 containers
letsencrypt | 2020/02/08 23:27:28 Running '/app/signal_le_service'
letsencrypt | 2020/02/08 23:27:28 Watching docker events
letsencrypt | 2020/02/08 23:27:28 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
letsencrypt | /etc/nginx/certs/mail-testing.duckdns.org /app
letsencrypt | Reloading nginx proxy (446f18aab3e729c92c57a6653fa45e1ff81543c33e6f142270aaed745e0d6204)...
letsencrypt | 2020/02/08 23:27:29 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt | 2020/02/08 23:27:29 [notice] 105#105: signal process started
letsencrypt | Creating/renewal mail-testing.duckdns.org certificates... (mail-testing.duckdns.org)
letsencrypt | 2020-02-08 23:27:32,847:INFO:simp_le:1414: Generating new certificate private key
letsencrypt | 2020-02-08 23:27:45,508:ERROR:simp_le:1396: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Are all your domains accessible from the internet? Please check your domains' DNS entries, your host's network/firewall setup and your webserver config. If a domain's DNS entry has both A and AAAA fields set up, some CAs such as Let's Encrypt will perform the challenge validation over IPv6. If your DNS provider does not answer correctly to CAA records request, Let's Encrypt won't issue a certificate for your domain (see https://letsencrypt.org/docs/caa/). Failing authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2715025637
letsencrypt | Challenge validation has failed, see error log.
letsencrypt |
letsencrypt | Debugging tips: -v improves output verbosity. Help is available under --help.
letsencrypt | /app
letsencrypt | /etc/nginx/certs/public-repository.duckdns.org /app
letsencrypt | Creating/renewal public-repository.duckdns.org certificates... (public-repository.duckdns.org)
letsencrypt | 2020-02-08 23:27:47,223:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt | /app
letsencrypt | /etc/nginx/certs/testing-jairo.duckdns.org /app
letsencrypt | Creating/renewal testing-jairo.duckdns.org certificates... (testing-jairo.duckdns.org)
letsencrypt | 2020-02-08 23:27:49,141:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt | /app
letsencrypt | Sleep for 3600s
Desde ya, muchas gracias por tu ayuda.
PD/ Sos un groso...!