certbot setup with nginx of xnat-docker-compose

[a.m....@gmail.com]

The nginx web server in the off-the-shelf xnat-docker-compose (I'm using version 1.7.6 because of an existing postgres 9 database) uses port 80. I want to install SSL certificates and then use https to improve security.

When I run certbot to install those certificates I get this message:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.")

I think that is because the nginx server is running in a docker.

This message is issued when nginx is running, and the XNAT is accessible via http.

Is it possible to install certificates on the host when nginx is running in a docker? Or does this needs to be done inside the docker as well, so that certbot can find the nginx binary?

[Herrick, Rick]

I can’t say that I’ve ever done this with an nginx container, just nginx as a service. I think you’d have to configure a local volume where certbot would write the certificate, as well as a local volume for the nginx configuration file, or you could generate the certificates on the server then share that folder into the container (you’d still need the nginx configuration file set up to reference the certificate).

 

Poking around Google trying to find an nginx container with certbot already installed and ready to go (doesn’t seem to exist, but that sounds like a great idea), I found a couple posts about getting this working, e.g. here and here.

 

BTW, you can upgrade to XNAT 1.8.x with PostgreSQL 9. You might have trouble with versions older than 9.4, but 9.4 and later should work fine (although, as always, back up your data and test extensively with a copy/dev version first!).

 

-- 

Rick Herrick

Sr. Programmer/Analyst

Neuroinformatics Research Group

Washington University School of Medicine

Phone: +1 (314) 273-1645

 

From: xnat_di...@googlegroups.com <xnat_di...@googlegroups.com> on behalf of a.m....@gmail.com <a.m....@gmail.com>
Date: Monday, February 14, 2022 at 7:57 AM
To: xnat_discussion <xnat_di...@googlegroups.com>
Subject: [XNAT Discussion] certbot setup with nginx of xnat-docker-compose

* External Email - Caution *

--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/xnat_discussion/fda4501a-90eb-4545-85eb-b0c690c3f233n%40googlegroups.com.

 

---

The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.