Configure rundeck portal to use SSL (docker mode)


Guillaume De Maré

Jul 5, 2024, 8:50:08 AM
to rundeck-discuss
Hello guys,
I am trying to configure HTTPS for my POC rundeck container (5.4.0) but to be honest, I am struggling with the process. 

I imported a certificate and the appropriate private key into the keystore/truststore and pointed the ssl.properties file to it.

After that I simply tried to update the RUNDECK_GRAILS_URL (from the docker-compose.yml) value with https://FQDN:4443 and I have done:

I also edited docker-compose to expose port 4443 instead of 4440 

I finally applied it with:

    docker compose down && docker compose up -d

I looked at some documentation and they provide a Dserver.https.port to add in /etc/profile, which is not identical in container mode. Apparently the equivalent file is /home/rundeck/docker-lib/entry.sh, which runs at startup, but this option is invalid if you provide it in entry.sh.

Thanks for your help.

rac...@rundeck.com

Jul 5, 2024, 9:18:50 AM
to rundeck-discuss

Hi,

Let me share a working example:

    ssl
    ├── Dockerfile
    ├── docker-compose.yaml
    └── lib
        └── generate-ssl.sh

docker-compose.yml:

    version: "3"
    services:
      rundeck:
        build:
          context: .
          args:
            IMAGE: ${RUNDECK_IMAGE:-rundeck/rundeck:5.4.0}
        container_name: rundeck-ssl
        command: "-Dserver.https.port=4443 -Drundeck.ssl.config=/home/rundeck/server/config/ssl.properties"
        ports:
          - 4443:4443
        environment:
          RUNDECK_GRAILS_URL: https://localhost:4443

Dockerfile:

    ARG IMAGE
    FROM ${IMAGE}
    USER rundeck
    COPY --chown=rundeck:root lib docker-lib
    RUN chmod +x docker-lib/generate-ssl.sh
    RUN ./docker-lib/generate-ssl.sh

generate-ssl.sh (this generates a self-signed cert, inside the lib directory):

    #!/usr/bin/env bash

    ## Adding ssl support
    ##################################
    keytool -keystore etc/keystore \
      -alias rundeckssl \
      -genkey -keyalg RSA \
      -keypass adminadmin \
      -storepass adminadmin \
      -dname "C=test, S=stgo, OU= rundeck, L=stgo, O=cst, CN=rundeck"
    cp etc/keystore etc/truststore
    ########################################################

Now execute the docker compose up command and then access the https://localhost:4443 URL.

Regards.
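
A pre-start check for the setup in this thread, as an added example that is not part of the original posts or Rundeck's own code: it reads the ssl.properties file passed via -Drundeck.ssl.config and reports unset entries, store paths that do not exist, world-readable stores, and the sample password adminadmin used in generate-ssl.sh. It assumes the property names keystore, keystore.password, key.password, truststore and truststore.password; the function names prop and audit_ssl_properties are hypothetical.

```sh
#!/bin/sh
# Added example: audit a Rundeck ssl.properties file before starting the container.

# prop FILE KEY -> prints the value of KEY (last occurrence), empty if absent.
prop() {
  awk -F= -v k="$2" '
    /^[ \t]*[#!]/ { next }                      # skip comment lines
    { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
    key == k {
      v = substr($0, index($0, "=") + 1)        # keep any "=" inside the value
      gsub(/^[ \t]+|[ \t]+$/, "", v)
      found = v
    }
    END { print found }' "$1"
}

# audit_ssl_properties FILE -> one finding per line; exit 0 only when clean.
audit_ssl_properties() {
  file=$1
  findings=0
  if [ ! -r "$file" ]; then echo "MISSING_FILE $file"; return 1; fi

  # Store paths must be set, exist, and not be readable by "other".
  for key in keystore truststore; do
    path=$(prop "$file" "$key")
    if [ -z "$path" ]; then
      echo "UNSET $key"; findings=$((findings + 1))
    elif [ ! -f "$path" ]; then
      echo "NO_SUCH_STORE $key=$path"; findings=$((findings + 1))
    elif [ -n "$(find "$path" -perm -004 2>/dev/null)" ]; then
      echo "WORLD_READABLE $path"; findings=$((findings + 1))
    fi
  done

  # Passwords must be set and must not be the sample value from the thread.
  for key in keystore.password key.password truststore.password; do
    value=$(prop "$file" "$key")
    case $value in
      "")         echo "UNSET $key"; findings=$((findings + 1)) ;;
      adminadmin) echo "SAMPLE_PASSWORD $key"; findings=$((findings + 1)) ;;
    esac
  done
  [ "$findings" -eq 0 ]
}

# Usage: sh audit-ssl.sh /home/rundeck/server/config/ssl.properties
if [ "$#" -gt 0 ]; then audit_ssl_properties "$1"; fi
```

Store paths in ssl.properties are resolved as written, so run the check inside the container or image build where those paths exist.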
