linux docker nginx lets-encrypt

Docker-compose with automatic lets encrypt ssl


Ok Guys, here's my very frustrating problem:

I need to deploy a Mautic instance with SSL on it. Please note that the SSL needs to be generated automatically; I want a full Docker process.

I tried everything, but apparently there is no solution that generates SSL directly in Docker; everything I found works at the server level.

The closest solution I found uses Traefik, but it conflicts with Mautic.

Here's my docker-compose file:

version: "3"

services:
  traefik:
    image: "traefik"
    restart: always
    command:
      - "--api=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ${DATA_FOLDER}/letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro
      
  mauticdb:
    restart: always
    image: percona/percona-server:5.7
    container_name: mauticdb
    volumes:
      - mysql_data:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=${MAUTIC_DB_PASSWORD}
    command:
      --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci

  mautic:
    restart: always
    image: mautic/mautic:latest
    container_name: mautic
    links:
      - mauticdb:mysql
    depends_on:
      - mauticdb
    ports:
      - 127.0.0.1:80:80
    volumes:
      - mautic_data:/var/www/html
    environment:
      - MAUTIC_DB_HOST=mauticdb
      - MYSQL_PORT_3306_TCP=3306
      - MAUTIC_DB_USER=root
      - MAUTIC_DB_PASSWORD=${MAUTIC_DB_PASSWORD}
      - MAUTIC_DB_NAME=mautic
      - MAUTIC_RUN_CRON_JOBS=true
      - PHP_INI_DATE_TIMEZONE=${GENERIC_TIMEZONE}
    labels:
      - traefik.enable=true 
      # Routes
      - traefik.http.routers.mautic.rule=Host(`${MAUTIC_SUBDOMAIN}.${DOMAIN_NAME}`)
      - traefik.http.routers.mautic-secure.tls=true
      - traefik.http.routers.mautic.entrypoints=websecure
      - traefik.http.routers.mautic.tls.certresolver=mytlschallenge
      # Middlewares
      - traefik.http.middlewares.mautic.headers.SSLRedirect=true
      - traefik.http.middlewares.mautic.headers.contentTypeNosniff=true
      - traefik.http.middlewares.mautic.headers.SSLHost=${DOMAIN_NAME}
      - traefik.http.middlewares.mautic.headers.forceSTSHeader=true
       
volumes:
  mautic_data:
  sslcerts:
  mysql_data:

Traefik was conflicting with Mautic on port 80, so this isn't working at all.

Q: How can I install Traefik and use it to proxy the Mautic requests over HTTPS?

And:

If Traefik is not the correct way, what configuration do I need to automatically generate a Let's Encrypt certificate based on a domain filled in a .env file?

I'm open to anything that works.

Thank you.


Solution

  • Run MAUTIC on a different port than 80 (as this is used by Traefik)

        ports:
          - "8081:80"
    

    You can also configure Traefik to listen on port 443 only: in this case it will only accept HTTPS requests and MAUTIC can run on port 80 without conflicting.
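
The answer's first option applied to the compose file from the question, as an added example that is not part of the original answer. It shows only the `traefik` and `mautic` services; the `mauticdb` service, the `volumes` section and Mautic's `environment` block stay as posted. The single router name, the explicit service port, the `mautic-headers` middleware name and the HSTS value are choices made for this example.

```yaml
services:
  traefik:
    image: "traefik"
    restart: always
    command:
      # The --api flags are left out: --api.insecure=true serves the dashboard and API without authentication.
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"      # Traefik is now the only service bound to host port 80
      - "443:443"
    volumes:
      - ${DATA_FOLDER}/letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro

  mautic:
    restart: always
    image: mautic/mautic:latest
    container_name: mautic
    links:
      - mauticdb:mysql
    depends_on:
      - mauticdb
    ports:
      # Host port from the answer, kept on loopback; Traefik reaches the container over the Docker network.
      - "127.0.0.1:8081:80"
    volumes:
      - mautic_data:/var/www/html
    # environment: unchanged from the question
    labels:
      - traefik.enable=true
      # One router name ("mautic") for rule, entrypoint and TLS settings
      - traefik.http.routers.mautic.rule=Host(`${MAUTIC_SUBDOMAIN}.${DOMAIN_NAME}`)
      - traefik.http.routers.mautic.entrypoints=websecure
      - traefik.http.routers.mautic.tls.certresolver=mytlschallenge
      - traefik.http.services.mautic.loadbalancer.server.port=80
      # A middleware only takes effect once a router references it
      - traefik.http.routers.mautic.middlewares=mautic-headers
      - traefik.http.middlewares.mautic-headers.headers.contentTypeNosniff=true
      - traefik.http.middlewares.mautic-headers.headers.stsSeconds=31536000
```

The HTTP to HTTPS redirect is already handled by the `web` entrypoint flags, so the middleware carries only response headers.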